Skip to main content

Algorithm Implementation Requirements and Usage Guidance for DNSSEC

Document Type Replaced Internet-Draft (dnsop WG)
Expired & archived
Authors Paul Wouters , Ondřej Surý
Last updated 2017-04-14 (Latest revision 2016-10-11)
Replaced by draft-ietf-dnsop-algorithm-update
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status Proposed Standard
Additional resources Mailing list discussion
Stream WG state Adopted by a WG
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-dnsop-algorithm-update
Consensus boilerplate Yes
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


The DNSSEC protocol makes use of various cryptographic algorithms in order to provide authentication of DNS data and proof of non- existence. To ensure interoperability between DNS resolvers and DNS authoritative servers, it is necessary to specify a set of algorithm implementation requirements and usage guidance to ensure that there is at least one algorithm that all implementations support. This document defines the current algorithm implementation requirements and usage guidance for DNSSEC. This document obsoletes RFC-6944.


Paul Wouters
Ondřej Surý

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)