Skip to main content

Threat Analysis of the Domain Name System (DNS)
RFC 3833

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>, 
    dnsext mailing list <>, 
    dnsext chair <>
Subject: Document Action: 'Threat Analysis Of The Domain Name 
         System' to Informational RFC 

The IESG has approved the following document:

- 'Threat Analysis Of The Domain Name System '
   <draft-ietf-dnsext-dns-threats-08.txt> as an Informational RFC

This document is the product of the DNS Extensions Working Group. 

The IESG contact persons are Thomas Narten and Mark Townsley.

A URL of this Internet-Draft is:

Ballot Text

Technical Summary
   Although the DNS Security Extensions (DNSSEC) have been under
   development for most of the last decade, the IETF has never written
   down the specific set of threats against which DNSSEC is designed to
   protect.  Among other drawbacks, this cart-before-the-horse situation
   has made it difficult to determine whether DNSSEC meets its design
   goals, since its design goals are not well specified.  This note
   attempts to document some of the known threats to the DNS, and, in
   doing so, attempts to measure to what extent (if any) DNSSEC is a
   useful tool in defending against these threats.
Working Group Summary
Protocol Quality
This document has been reviewed for the IESG by Thomas Narten.

RFC Editor Note