Skip to main content

Concluded WG DNS Extensions (dnsext)

Document Date Status IPR AD/Shepherd
RFCs (62 hits)
12 pages
RFC 2782 (was draft-ietf-dnsind-rfc2052bis)
A DNS RR for specifying the location of services (DNS SRV) Errata
2000-02 Proposed Standard RFC
Updated by RFC 6335, RFC 8553

15 pages
RFC 2845 (was draft-ietf-dnsext-tsig)
Secret Key Transaction Authentication for DNS (TSIG)
2000-05 Proposed Standard RFC
Obsoleted by RFC 8945
Updated by RFC 3645, RFC 4635, RFC 6895

12 pages
RFC 2929 (was draft-ietf-dnsext-iana-dns)
Domain Name System (DNS) IANA Considerations
2000-09 Best Current Practice RFC
Obsoleted by RFC 5395

16 pages
RFC 2930 (was draft-ietf-dnsext-tkey)
Secret Key Establishment for DNS (TKEY RR)
2000-09 Proposed Standard RFC
Updated by RFC 6895

10 pages
RFC 2931 (was draft-ietf-dnsext-sig-zero)
DNS Request and Transaction Signatures ( SIG(0)s )
2000-09 Proposed Standard RFC
9 pages
RFC 3007 (was draft-ietf-dnsext-simple-secure-update)
Secure Domain Name System (DNS) Dynamic Update
2000-11 Proposed Standard RFC
Updated by RFC 4033, RFC 4034, RFC 4035

7 pages
RFC 3008 (was draft-ietf-dnsext-signing-auth)
Domain Name System Security (DNSSEC) Signing Authority
2000-11 Proposed Standard RFC
Obsoleted by RFC 4033, RFC 4034, RFC 4035
Updated by RFC 3658

11 pages
RFC 3090 (was draft-ietf-dnsext-zone-status)
DNS Security Extension Clarification on Zone Status
2001-03 Proposed Standard RFC
Obsoleted by RFC 4033, RFC 4034, RFC 4035
Updated by RFC 3658

7 pages
RFC 3110 (was draft-ietf-dnsext-rsa)
RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS) Errata
2001-05 Proposed Standard RFC
Updated by RFC 6944

8 pages
RFC 3123 (was draft-ietf-dnsext-apl-rr)
A DNS RR Type for Lists of Address Prefixes (APL RR)
2001-06 Experimental RFC
5 pages
RFC 3197 (was draft-ietf-dnsext-dnsmib-historical)
Applicability Statement for DNS MIB Extensions
2001-11 Informational RFC
6 pages
RFC 3225 (was draft-ietf-dnsext-dnssec-okbit)
Indicating Resolver Support of DNSSEC
2001-12 Proposed Standard RFC
Updated by RFC 4033, RFC 4034, RFC 4035

6 pages
RFC 3226 (was draft-ietf-dnsext-message-size)
DNSSEC and IPv6 A6 aware server/resolver message size requirements Errata
2001-12 Proposed Standard RFC
Updated by RFC 4033, RFC 4034, RFC 4035

6 pages
RFC 3363 (was draft-ietf-dnsext-ipv6-addresses)
Representing Internet Protocol version 6 (IPv6) Addresses in the Domain Name System (DNS)
2002-08 Informational RFC
Updated by RFC 6672
Dr. Thomas Narten
11 pages
RFC 3364 (was draft-ietf-dnsext-ipv6-dns-tradeoffs)
Tradeoffs in Domain Name System (DNS) Support for Internet Protocol version 6 (IPv6) Errata
2002-08 Informational RFC Dr. Thomas Narten
5 pages
RFC 3425 (was draft-ietf-dnsext-obsolete-iquery)
Obsoleting IQUERY
2002-11 Proposed Standard RFC Erik Nordmark
10 pages
RFC 3445 (was draft-ietf-dnsext-restrict-key-for-dnssec)
Limiting the Scope of the KEY Resource Record (RR) Errata
2002-12 Proposed Standard RFC
Obsoleted by RFC 4033, RFC 4034, RFC 4035
Erik Nordmark
8 pages
RFC 3596 (was draft-ietf-dnsext-rfc1886bis)
DNS Extensions to Support IP Version 6
2003-10
Internet Standard RFC
Erik Nordmark
8 pages
RFC 3597 (was draft-ietf-dnsext-unknown-rrs)
Handling of Unknown DNS Resource Record (RR) Types Errata
2003-09
Proposed Standard RFC
Updated by RFC 4033, RFC 4034, RFC 4035, RFC 5395, RFC 6195, RFC 6895
Ralph Droms
26 pages
RFC 3645 (was draft-ietf-dnsext-gss-tsig)
Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG)
2003-10 Proposed Standard RFC Erik Nordmark
8 pages
RFC 3655 (was draft-ietf-dnsext-ad-is-secure)
Redefinition of DNS Authenticated Data (AD) bit
2003-11 Proposed Standard RFC
Obsoleted by RFC 4033, RFC 4034, RFC 4035
Erik Nordmark
19 pages
RFC 3658 (was draft-ietf-dnsext-delegation-signer)
Delegation Signer (DS) Resource Record (RR)
2003-12
Proposed Standard RFC
Obsoleted by RFC 4033, RFC 4034, RFC 4035
Updated by RFC 3755
Dr. Thomas Narten
9 pages
RFC 3755 (was draft-ietf-dnsext-dnssec-2535typecode-change)
Legacy Resolver Compatibility for Delegation Signer (DS)
2004-05 Proposed Standard RFC
Obsoleted by RFC 4033, RFC 4034, RFC 4035
Updated by RFC 3757, RFC 3845
Dr. Thomas Narten
8 pages
RFC 3757 (was draft-ietf-dnsext-keyrr-key-signing-flag)
Domain Name System KEY (DNSKEY) Resource Record (RR) Secure Entry Point (SEP) Flag Errata
2004-05 Proposed Standard RFC
Obsoleted by RFC 4033, RFC 4034, RFC 4035
Dr. Thomas Narten
16 pages
RFC 3833 (was draft-ietf-dnsext-dns-threats)
Threat Analysis of the Domain Name System (DNS)
2004-08 Informational RFC Dr. Thomas Narten
7 pages
RFC 3845 (was draft-ietf-dnsext-nsec-rdata)
DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format
2004-08 Proposed Standard RFC
Obsoleted by RFC 4033, RFC 4034, RFC 4035
Dr. Thomas Narten
21 pages
RFC 4033 (was draft-ietf-dnsext-dnssec-intro)
DNS Security Introduction and Requirements Errata
2005-03 Proposed Standard RFC
Updated by RFC 6014, RFC 6840
2 Dr. Thomas Narten
29 pages
RFC 4034 (was draft-ietf-dnsext-dnssec-records)
Resource Records for the DNS Security Extensions Errata
2005-03 Proposed Standard RFC
Updated by RFC 4470, RFC 6014, RFC 6840, RFC 6944, RFC 9077
3 Dr. Thomas Narten
53 pages
RFC 4035 (was draft-ietf-dnsext-dnssec-protocol)
Protocol Modifications for the DNS Security Extensions Errata
2005-03 Proposed Standard RFC
Updated by RFC 4470, RFC 6014, RFC 6840, RFC 8198, RFC 9077
2 Dr. Thomas Narten
10 pages
RFC 4343 (was draft-ietf-dnsext-insensitive)
Domain Name System (DNS) Case Insensitivity Clarification Errata
2006-01 Proposed Standard RFC Margaret Cullen
17 pages
RFC 4398 (was draft-ietf-dnsext-rfc2538bis)
Storing Certificates in the Domain Name System (DNS) Errata
2006-03 Proposed Standard RFC
Updated by RFC 6944
2 Margaret Cullen
8 pages
RFC 4470 (was draft-ietf-dnsext-dnssec-online-signing)
Minimally Covering NSEC Records and DNSSEC On-line Signing Errata
2006-04 Proposed Standard RFC Margaret Cullen
23 pages
RFC 4471 (was draft-ietf-dnsext-dns-name-p-s)
Derivation of DNS Name Predecessor and Successor
2006-09 Experimental RFC Mark Townsley
7 pages
RFC 4509 (was draft-ietf-dnsext-ds-sha256)
Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (RRs) Errata
2006-05 Proposed Standard RFC Margaret Cullen
20 pages
RFC 4592 (was draft-ietf-dnsext-wcard-clarify)
The Role of Wildcards in the Domain Name System Errata
2006-07 Proposed Standard RFC Margaret Cullen
8 pages
RFC 4635 (was draft-ietf-dnsext-tsig-sha)
HMAC SHA (Hashed Message Authentication Code, Secure Hash Algorithm) TSIG Algorithm Identifiers Errata
2006-08 Proposed Standard RFC
Obsoleted by RFC 8945
Margaret Cullen
12 pages
RFC 4701 (was draft-ietf-dnsext-dhcid-rr)
A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR) Errata
2006-10 Proposed Standard RFC
Updated by RFC 5494
Margaret Cullen
31 pages
RFC 4795 (was draft-ietf-dnsext-mdns)
Link-local Multicast Name Resolution (LLMNR) Errata
2007-01 Informational RFC Mark Townsley
7 pages
RFC 4955 (was draft-ietf-dnsext-dnssec-experiments)
DNS Security (DNSSEC) Experiments
2007-07 Proposed Standard RFC Mark Townsley
17 pages
RFC 4956 (was draft-ietf-dnsext-dnssec-opt-in)
DNS Security (DNSSEC) Opt-In Errata
2007-07 Experimental RFC Mark Townsley
11 pages
RFC 4986 (was draft-ietf-dnsext-rollover-requirements)
Requirements Related to DNS Security (DNSSEC) Trust Anchor Rollover
2007-08 Informational RFC Mark Townsley
11 pages
RFC 5001 (was draft-ietf-dnsext-nsid)
DNS Name Server Identifier (NSID) Option
2007-08 Proposed Standard RFC Mark Townsley
14 pages
RFC 5011 (was draft-ietf-dnsext-trustupdate-timers)
Automated Updates of DNS Security (DNSSEC) Trust Anchors
2007-09 Internet Standard RFC 4 Mark Townsley
52 pages
RFC 5155 (was draft-ietf-dnsext-nsec3)
DNS Security (DNSSEC) Hashed Authenticated Denial of Existence Errata
2008-03 Proposed Standard RFC
Updated by RFC 6840, RFC 6944, RFC 9077, RFC 9157, RFC 9276
2 Mark Townsley
17 pages
RFC 5395 (was draft-ietf-dnsext-2929bis)
Domain Name System (DNS) IANA Considerations Errata
2008-11 Best Current Practice RFC
Obsoleted by RFC 6195
Mark Townsley
18 pages
RFC 5452 (was draft-ietf-dnsext-forgery-resilience)
Measures for Making DNS More Resilient against Forged Answers
2009-01 Proposed Standard RFC Mark Townsley
12 pages
RFC 5625 (was draft-ietf-dnsext-dnsproxy)
DNS Proxy Implementation Guidelines
2009-08 Best Current Practice RFC Ralph Droms
10 pages
RFC 5702 (was draft-ietf-dnsext-dnssec-rsasha256)
Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC Errata
2009-10 Proposed Standard RFC
Updated by RFC 6944
Ralph Droms
9 pages
RFC 5933 (was draft-ietf-dnsext-dnssec-gost)
Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC
2010-07 Proposed Standard RFC
Updated by RFC 6944
Ralph Droms
29 pages
RFC 5936 (was draft-ietf-dnsext-axfr-clarify)
DNS Zone Transfer Protocol (AXFR)
2010-06
Proposed Standard RFC
Updated by RFC 9103
Ralph Droms
7 pages
RFC 5966 (was draft-ietf-dnsext-dns-tcp-requirements)
DNS Transport over TCP - Implementation Requirements
2010-08 Proposed Standard RFC
Obsoleted by RFC 7766
Ralph Droms
6 pages
RFC 6014 (was draft-ietf-dnsext-dnssec-alg-allocation)
Cryptographic Algorithm Identifier Allocation for DNSSEC
2010-11 Proposed Standard RFC
Updated by RFC 9157
Ralph Droms
17 pages
RFC 6195 (was draft-ietf-dnsext-5395bis)
Domain Name System (DNS) IANA Considerations
2011-03 Best Current Practice RFC
Obsoleted by RFC 6895
Ralph Droms
5 pages
RFC 6604 (was draft-ietf-dnsext-xnamercode)
xNAME RCODE and Status Bits Clarification
2012-04 Proposed Standard RFC Ralph Droms
8 pages
RFC 6605 (was draft-ietf-dnsext-ecdsa)
Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC
2012-04 Proposed Standard RFC 1 Ralph Droms
22 pages
RFC 6672 (was draft-ietf-dnsext-rfc2672bis-dname)
DNAME Redirection in the DNS Errata
2012-06 Proposed Standard RFC Ralph Droms
Andrew Sullivan
5 pages
RFC 6725 (was draft-ietf-dnsext-dnssec-registry-update)
DNS Security (DNSSEC) DNSKEY Algorithm IANA Registry Updates
2012-08 Proposed Standard RFC Ralph Droms
21 pages
RFC 6840 (was draft-ietf-dnsext-dnssec-bis-updates)
Clarifications and Implementation Notes for DNS Security (DNSSEC) Errata
2013-02 Proposed Standard RFC
Updated by RFC 8749
Ralph Droms
Andrew Sullivan
16 pages
RFC 6891 (was draft-ietf-dnsext-rfc2671bis-edns0)
Extension Mechanisms for DNS (EDNS(0)) Errata
2013-04 Internet Standard RFC Ralph Droms
19 pages
RFC 6895 (was draft-ietf-dnsext-rfc6195bis)
Domain Name System (DNS) IANA Considerations
2013-04 Best Current Practice RFC Ralph Droms
7 pages
RFC 6944 (was draft-ietf-dnsext-dnssec-algo-imp-status)
Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm Implementation Status Errata
2013-04 Proposed Standard RFC
Obsoleted by RFC 8624
Ralph Droms
9 pages
RFC 6975 (was draft-ietf-dnsext-dnssec-algo-signal)
Signaling Cryptographic Algorithm Understanding in DNS Security Extensions (DNSSEC)
2013-07 Proposed Standard RFC Ted Lemon