A Method for Storing IPsec Keying Material in DNS
RFC 4025

Revision differences

Document history

Date Rev. By Action
2018-12-20
12 (System)
Received changes through RFC Editor sync (changed abstract to 'This document describes a new resource record for the Domain Name System (DNS). This record may ...
2015-10-14
12 (System) Notify list changed from sra@hactrn.net, weiler@tislabs.com to (None)
2012-08-22
12 (System) post-migration administrative database adjustment to the No Objection position for Thomas Narten
2012-08-22
12 (System) post-migration administrative database adjustment to the No Objection position for Bert Wijnen
2012-08-22
12 (System) post-migration administrative database adjustment to the No Objection position for Harald Alvestrand
2005-04-05
12 Brian Carpenter Shepherding AD has been changed to Russ Housley from Brian Carpenter
2005-03-24
12 Amy Vezza State Changes to RFC Published from RFC Ed Queue by Amy Vezza
2005-03-24
12 Amy Vezza [Note]: 'RFC 4025' added by Amy Vezza
2005-03-24
12 Amy Vezza Shepherding AD has been changed to Brian Carpenter from Steve Bellovin
2005-03-11
12 (System) RFC published
2005-01-20
12 (System) New version available: draft-ietf-ipseckey-rr-12.txt
2004-10-01
12 Amy Vezza State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza
2004-09-30
12 Amy Vezza IESG state changed to Approved-announcement sent
2004-09-30
12 Amy Vezza IESG has approved the document
2004-09-30
12 Amy Vezza Closed "Approve" ballot
2004-09-28
12 Steven Bellovin State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Steve Bellovin
2004-09-28
12 Bert Wijnen [Ballot Position Update] Position for Bert Wijnen has been changed to No Objection from Discuss by Bert Wijnen
2004-09-28
12 (System) Removed from agenda for telechat - 2004-09-27
2004-09-27
12 Thomas Narten [Ballot Position Update] Position for Thomas Narten has been changed to No Objection from Undefined by Thomas Narten
2004-09-27
12 Thomas Narten
[Ballot comment]
New text is better. Thanks. Some minor wordsmithing suggested for first
two paragraphs:

  Suppose we have a host which wishes (or is ...
2004-09-27
12 Thomas Narten [Ballot Position Update] Position for Thomas Narten has been changed to Undefined from Discuss by Thomas Narten
2004-09-27
12 David Kessens [Ballot Position Update] New position, No Objection, has been recorded for David Kessens by David Kessens
2004-09-24
12 Scott Hollenbeck [Ballot Position Update] New position, No Objection, has been recorded for Scott Hollenbeck by Scott Hollenbeck
2004-09-23
12 Steven Bellovin [Note]: 'Back on the ballot to clear Thomas and Bert''s DISCUSS' added by Steve Bellovin
2004-09-23
12 Steven Bellovin Placed on agenda for telechat - 2004-09-27 by Steve Bellovin
2004-07-19
12 (System) Sub state has been changed to AD Follow up from New Id Needed
2004-07-19
11 (System) New version available: draft-ietf-ipseckey-rr-11.txt
2004-04-28
10 (System) New version available: draft-ietf-ipseckey-rr-10.txt
2004-02-02
09 (System) New version available: draft-ietf-ipseckey-rr-09.txt
2003-12-16
08 (System) New version available: draft-ietf-ipseckey-rr-08.txt
2003-12-05
12 Thomas Narten
[Ballot discuss]
Meta issue (this is why I'm putting in a discuss):

Intro (actually no part of the document) actually explains what this
RR is ...
2003-12-05
12 Thomas Narten [Ballot Position Update] New position, Discuss, has been recorded for  by Thomas Narten
2003-12-04
12 Amy Vezza Removed from agenda for telechat - 2003-12-04 by Amy Vezza
2003-12-04
12 Amy Vezza State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Amy Vezza
2003-12-04
12 Harald Alvestrand [Ballot Position Update] Position for Harald Alvestrand has been changed to No Objection from Discuss by Harald Alvestrand
2003-12-04
12 Alex Zinin [Ballot Position Update] New position, No Objection, has been recorded for  by Alex Zinin
2003-12-04
12 Bill Fenner [Ballot Position Update] New position, No Objection, has been recorded for  by Bill Fenner
2003-12-04
12 Margaret Cullen [Ballot Position Update] New position, No Objection, has been recorded for  by Margaret Wasserman
2003-12-04
12 Jon Peterson
[Ballot comment]
The end of Section 4 says:

  Any user of this resource record MUST carefully document their trust
  model, and why the ...
2003-12-04
12 Jon Peterson [Ballot Position Update] New position, No Objection, has been recorded for  by Jon Peterson
2003-12-04
12 Harald Alvestrand
[Ballot discuss]
This may have an easy reply, but....
if one is using unsecured DNS, a man-in-the-middle attack can be mounted. The document claims that ...
2003-12-04
12 Harald Alvestrand [Ballot Position Update] New position, Discuss, has been recorded for  by Harald Alvestrand
2003-12-03
12 Allison Mankin [Ballot Position Update] Position for Allison Mankin has been changed to Yes from Undefined by Allison Mankin
2003-12-03
12 Allison Mankin
[Ballot comment]
Instead of RFC1521 for Base64 (v. old), reference RFC3548.

In the examples, replace ip6.int with ip6.arpa.

In the IANA Considerations, there's a ...
2003-12-03
12 Allison Mankin
[Ballot comment]
Instead of RFC1521 for Base64 (v. old), reference RFC3548.

In the IANA Considerations, there's a typo:

This document creates an IANA registry for ...
2003-12-03
12 Allison Mankin
[Ballot comment]
In the IANA Considerations, there's a typo:

This document creates an IANA registry for the algorithm type field.

  Values 0, 1 and ...
2003-12-03
12 Allison Mankin [Ballot Position Update] New position, Undefined, has been recorded for  by Allison Mankin
2003-12-03
12 Bert Wijnen
[Ballot discuss]
DISCUSS.

From OPS directorate review:

> o draft-ietf-ipseckey-rr-07.txt
> A method for storing IPsec keying material in DNS (Proposed Standard) - 10
> ...
2003-12-03
12 Amy Vezza [Ballot Position Update] New position, Discuss, has been recorded for  by Amy Vezza
2003-12-02
12 Ted Hardie [Ballot Position Update] Position for Ted Hardie has been changed to No Objection from Undefined by Ted Hardie
2003-12-02
12 Ted Hardie
[Ballot comment]
This text:

2.1 IPSECKEY RDATA format

  The RDATA for an IPSECKEY RR consists of a precedence value, a public
  key, algorithm ...
2003-12-02
12 Ted Hardie [Ballot Position Update] New position, Undefined, has been recorded for  by Ted Hardie
2003-11-26
12 Ned Freed [Ballot comment]
No IPR boilerplate
2003-11-26
12 Ned Freed [Ballot Position Update] New position, No Objection, has been recorded for  by Ned Freed
2003-11-25
12 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded for  by Russ Housley
2003-11-25
12 Steven Bellovin State Changes to IESG Evaluation from Waiting for Writeup by Steve Bellovin
2003-11-25
12 Steven Bellovin State Change Notice email list have been change to sra@hactrn.net, weiler@tislabs.com from
2003-11-25
12 Steven Bellovin Placed on agenda for telechat - 2003-12-04 by Steve Bellovin
2003-11-25
12 Steven Bellovin [Ballot Position Update] New position, Yes, has been recorded for Steven Bellovin
2003-11-25
12 Steven Bellovin Ballot has been issued by Steve Bellovin
2003-11-25
12 Steven Bellovin Created "Approve" ballot
2003-11-25
12 (System) Ballot writeup text was added
2003-11-25
12 (System) Last call text was added
2003-11-25
12 (System) Ballot approval text was added
2003-11-17
12 (System) State has been changed to Waiting for Writeup from In Last Call by system
2003-11-03
12 Amy Vezza Last call sent
2003-11-03
12 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2003-11-01
12 Steven Bellovin Intended Status has been changed to Proposed Standard from None
2003-10-24
12 Steven Bellovin State Changes to Last Call Requested from AD Evaluation by Steve Bellovin
2003-09-12
12 Steven Bellovin
Remaining nits:

Remaining nits, for reference:

> Just read -07.  One final nit, sigh: s/ip6.int/ip6.arpa/

And in the IANA section, for the second registry: ...
2003-09-12
12 Steven Bellovin Draft Added by Steve Bellovin
2003-09-05
07 (System) New version available: draft-ietf-ipseckey-rr-07.txt
2003-08-22
06 (System) New version available: draft-ietf-ipseckey-rr-06.txt
2003-07-02
05 (System) New version available: draft-ietf-ipseckey-rr-05.txt
2003-06-17
04 (System) New version available: draft-ietf-ipseckey-rr-04.txt
2003-05-29
03 (System) New version available: draft-ietf-ipseckey-rr-03.txt
2003-05-23
02 (System) New version available: draft-ietf-ipseckey-rr-02.txt
2003-04-29
01 (System) New version available: draft-ietf-ipseckey-rr-01.txt
2003-03-31
00 (System) New version available: draft-ietf-ipseckey-rr-00.txt