Skip to main content

Document Search

Search page for www.ietf.org website Search page for IETF mail list archives

Document Date Status IPR AD/Shepherd
Active Internet-Drafts (15 hits)
4 pages
draft-bortzmeyer-resinfo-dnssecval-02
DNS Resolver Information Key for DNSSEC Validation
2024-10-07
New
I-D Exists

6 pages
draft-crocker-dnsop-dnssec-algorithm-lifecycle-01
Documenting and Managing DNSSEC Algorithm Lifecycles
2024-10-04
New
I-D Exists

9 pages
draft-cuiling-dnsop-sm2-alg-15
SM2 Digital Signature Algorithm for DNSSEC
2024-01-18
I-D Exists : AUTH48
Sent to the RFC Editor : Informational
Review: dnsdir Early

9 pages
draft-fbw-dnsop-dnszonehop-00
Zone Hopping: A method to prevent zone-walking in DNSSEC
2024-07-21
I-D Exists

36 pages
draft-fregly-dnsop-slh-dsa-mtl-dnssec-03
Stateless Hash-Based Signatures in Merkle Tree Ladder Mode (SLH-DSA-MTL) for DNSSEC
2024-10-08
New
I-D Exists
3
11 pages
draft-fregly-research-agenda-for-pqc-dnssec-01
Research Agenda for a Post-Quantum DNSSEC
2024-06-26
I-D Exists

4 pages
draft-huque-dnsop-keytags-00
Collision Free Keytags for DNSSEC
2024-07-25
I-D Exists

12 pages
draft-huque-dnsop-multi-alg-rules-04
Multiple Algorithm Rules in DNSSEC
2024-07-07
I-D Exists

13 pages
draft-ietf-dnsop-compact-denial-of-existence-04
Compact Denial of Existence in DNSSEC
2024-07-05
I-D Exists
In WG Last Call : Proposed Standard
Reviews: secdir Early dnsdir Early secdir Early
2
Suzanne Woolf
5 pages
draft-ietf-dnsop-must-not-ecc-gost-01
Remove deprecated GOST algorithms from active use within DNSSEC
2024-10-03
New
I-D Exists
WG Document

5 pages
draft-ietf-dnsop-must-not-sha1-01
Remove SHA-1 from active use within DNSSEC
2024-10-03
New
I-D Exists
WG Document

14 pages
draft-ietf-dnsop-rfc7958bis-06
DNSSEC Trust Anchor Publication for the Root Zone
2024-09-04
RFC Ed Queue : EDIT
Submitted to IESG for Publication : Informational
Reviews: secdir dnsdir dnsdir dnsdir genart LC artart LC secdir LC dnsdir LC dnsdir Early opsdir LC
Warren "Ace" Kumari
Suzanne Woolf
12 pages
draft-ietf-dnsop-rfc8624-bis-01
DNSSEC Cryptographic Algorithm Recommendation Update Process
2024-10-09
New
I-D Exists
WG Document

13 pages
draft-ietf-dnsop-svcb-dane-04
Using DNSSEC Authentication of Named Entities (DANE) with DNS Service Bindings (SVCB) and QUIC
2024-07-22
I-D Exists
WG Document
Reviews: secdir Early dnsdir Early

14 pages 2024-07-08
I-D Exists

RFCs (56 hits)
41 pages
RFC 2065
Domain Name System Security Extensions
1997-01
Proposed Standard RFC
Obsoleted by rfc2535

11 pages
RFC 2137
Secure Domain Name System Dynamic Update
1997-04
Proposed Standard RFC
Obsoleted by rfc3007

47 pages
RFC 2535
Domain Name System Security Extensions Errata
1999-03
Proposed Standard RFC
Obsoleted by rfc4033, rfc4034, rfc4035
Updated by rfc2931, rfc3007, rfc3008, rfc3090, rfc3226, rfc3445, rfc3597, rfc3655, rfc3658, rfc3755, rfc3757, rfc3845

6 pages
RFC 2536
DSA KEYs and SIGs in the Domain Name System (DNS)
1999-03
Proposed Standard RFC
Updated by rfc6944

6 pages
RFC 2537
RSA/MD5 KEYs and SIGs in the Domain Name System (DNS)
1999-03
Proposed Standard RFC
Obsoleted by rfc3110

10 pages
RFC 2538
Storing Certificates in the Domain Name System (DNS)
1999-03
Proposed Standard RFC
Obsoleted by rfc4398

7 pages
RFC 2539
Storage of Diffie-Hellman Keys in the Domain Name System (DNS)
1999-03
Proposed Standard RFC
Updated by rfc6944

6 pages
RFC 2540
Detached Domain Name System (DNS) Information
1999-03
Experimental RFC

7 pages
RFC 2541
DNS Security Operational Considerations
1999-03
Informational RFC
Obsoleted by rfc4641

7 pages
RFC 3008
Domain Name System Security (DNSSEC) Signing Authority
2000-11
Proposed Standard RFC
Obsoleted by rfc4033, rfc4034, rfc4035
Updated by rfc3658

10 pages
RFC 3130
Notes from the State-Of-The-Technology: DNSSEC
2001-06
Informational RFC

6 pages
RFC 3225
Indicating Resolver Support of DNSSEC
2001-12
Proposed Standard RFC
Updated by rfc4033, rfc4034, rfc4035

6 pages
RFC 3226
DNSSEC and IPv6 A6 aware server/resolver message size requirements Errata
2001-12
Proposed Standard RFC
Updated by rfc4033, rfc4034, rfc4035

10 pages
RFC 3445
Limiting the Scope of the KEY Resource Record (RR) Errata
2002-12
Proposed Standard RFC
Obsoleted by rfc4033, rfc4034, rfc4035
Erik Nordmark
9 pages
RFC 3755
Legacy Resolver Compatibility for Delegation Signer (DS)
2004-05
Proposed Standard RFC
Obsoleted by rfc4033, rfc4034, rfc4035
Updated by rfc3757, rfc3845
Dr. Thomas Narten
7 pages
RFC 3845
DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format
2004-08
Proposed Standard RFC
Obsoleted by rfc4033, rfc4034, rfc4035
Dr. Thomas Narten
21 pages
RFC 4033
DNS Security Introduction and Requirements Errata
2005-03
Proposed Standard RFC
Updated by rfc6014, rfc6840
2 Dr. Thomas Narten
29 pages
RFC 4034
Resource Records for the DNS Security Extensions Errata
2005-03
Proposed Standard RFC
Updated by rfc4470, rfc6014, rfc6840, rfc6944, rfc9077
3 Dr. Thomas Narten
53 pages
RFC 4035
Protocol Modifications for the DNS Security Extensions Errata
2005-03
Proposed Standard RFC
Updated by rfc4470, rfc6014, rfc6840, rfc8198, rfc9077, rfc9520
2 Dr. Thomas Narten
4 pages
RFC 4431
The DNSSEC Lookaside Validation (DLV) DNS Resource Record
2006-02
Historic RFC
Margaret Cullen
8 pages
RFC 4470
Minimally Covering NSEC Records and DNSSEC On-line Signing Errata
2006-04
Proposed Standard RFC
Margaret Cullen
7 pages
RFC 4509
Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (RRs) Errata
2006-05
Proposed Standard RFC
Margaret Cullen
35 pages
RFC 4641
DNSSEC Operational Practices Errata
2006-09
Informational RFC
Obsoleted by rfc6781
David Kessens
7 pages
RFC 4955
DNS Security (DNSSEC) Experiments
2007-07
Proposed Standard RFC
Mark Townsley
17 pages
RFC 4956
DNS Security (DNSSEC) Opt-In Errata
2007-07
Experimental RFC
Mark Townsley
11 pages
RFC 4986
Requirements Related to DNS Security (DNSSEC) Trust Anchor Rollover
2007-08
Informational RFC
Mark Townsley
14 pages
RFC 5011
Automated Updates of DNS Security (DNSSEC) Trust Anchors
2007-09
Internet Standard RFC
Also known as STD 74
2 Mark Townsley
11 pages
RFC 5074
DNSSEC Lookaside Validation (DLV)
2007-11
Historic RFC
Russ Housley
52 pages
RFC 5155
DNS Security (DNSSEC) Hashed Authenticated Denial of Existence Errata
2008-03
Proposed Standard RFC
Updated by rfc6840, rfc6944, rfc9077, rfc9157, rfc9276
2 Mark Townsley
10 pages
RFC 5702
Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC Errata
2009-10
Proposed Standard RFC
Updated by rfc6944
Ralph Droms
9 pages
RFC 5933
Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC
2010-07
Historic RFC
Updated by rfc6944
Ralph Droms
6 pages
RFC 6014
Cryptographic Algorithm Identifier Allocation for DNSSEC
2010-11
Proposed Standard RFC
Updated by rfc9157
Ralph Droms
8 pages
RFC 6605
Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC
2012-04
Proposed Standard RFC
Ralph Droms
5 pages
RFC 6725
DNS Security (DNSSEC) DNSKEY Algorithm IANA Registry Updates
2012-08
Proposed Standard RFC
Ralph Droms
71 pages
RFC 6781
DNSSEC Operational Practices, Version 2 Errata
2012-12
Informational RFC
Ron Bonica
21 pages
RFC 6840
Clarifications and Implementation Notes for DNS Security (DNSSEC) Errata
2013-02
Proposed Standard RFC
Updated by rfc8749
Ralph Droms
27 pages
RFC 6841
A Framework for DNSSEC Policies and DNSSEC Practice Statements
2013-01
Informational RFC
Ron Bonica
7 pages
RFC 6944
Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm Implementation Status Errata
2013-04
Proposed Standard RFC
Obsoleted by rfc8624
Ralph Droms
9 pages
RFC 6975
Signaling Cryptographic Algorithm Understanding in DNS Security Extensions (DNSSEC)
2013-07
Proposed Standard RFC
Ted Lemon
18 pages
RFC 7344
Automating DNSSEC Delegation Trust Maintenance Errata
2014-09
Proposed Standard RFC
Updated by rfc8078, rfc9615
Joel Jaeggli
31 pages
RFC 7583
DNSSEC Key Rollover Timing Considerations
2015-10
Informational RFC
Joel Jaeggli
16 pages
RFC 7646
Definition and Use of DNSSEC Negative Trust Anchors
2015-09
Informational RFC
Joel Jaeggli
14 pages
RFC 7958
DNSSEC Trust Anchor Publication for the Root Zone Errata
2016-08
Informational RFC

19 pages
RFC 8027
DNSSEC Roadblock Avoidance Errata
2016-11
Best Current Practice RFC
Also known as BCP 207
Joel Jaeggli
7 pages
RFC 8080
Edwards-Curve Digital Security Algorithm (EdDSA) for DNSSEC Errata
2017-02
Proposed Standard RFC
Stephen Farrell
13 pages
RFC 8145
Signaling Trust Anchor Knowledge in DNS Security Extensions (DNSSEC)
2017-04
Proposed Standard RFC
Updated by rfc8553
Joel Jaeggli
13 pages
RFC 8198
Aggressive Use of DNSSEC-Validated Cache
2017-07
Proposed Standard RFC
Updated by rfc9077
Terry Manderson
19 pages
RFC 8509
A Root Key Trust Anchor Sentinel for DNSSEC
2018-12
Proposed Standard RFC
Terry Manderson
11 pages
RFC 8624
Algorithm Implementation Requirements and Usage Guidance for DNSSEC Errata
2019-06
Proposed Standard RFC
Updated by rfc9157
Warren "Ace" Kumari
6 pages
RFC 8749
Moving DNSSEC Lookaside Validation (DLV) to Historic Status
2020-03
Proposed Standard RFC
Warren "Ace" Kumari
13 pages
RFC 8901
Multi-Signer DNSSEC Models
2020-09
Informational RFC
Warren "Ace" Kumari
43 pages
RFC 9102
TLS DNSSEC Chain Extension Errata
2021-08
Experimental RFC

5 pages
RFC 9157
Revised IANA Considerations for DNSSEC
2021-12
Proposed Standard RFC
Warren "Ace" Kumari
10 pages
RFC 9364
DNS Security Extensions (DNSSEC)
2023-02
Best Current Practice RFC
Also known as BCP 237
Warren "Ace" Kumari
9 pages
RFC 9558
Use of GOST 2012 Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC
2024-04
Informational RFC

12 pages
RFC 9615
Automatic DNSSEC Bootstrapping Using Authenticated Signals from the Zone's Operator Errata
2024-07
Proposed Standard RFC
Warren "Ace" Kumari