Signaling Cryptographic Algorithm Understanding in DNSSEC | |||||||||||||||||
|
The DNS Security Extensions (DNSSEC) were developed to provide origin authentication and integrity protection for DNS data by using digital signatures. These digital signatures can be generated using different algorithms. This draft sets out to specify a way for validating end-system resolvers to signal to a server which digital signature and hash algorithms they support. The proposed extensions allow the signaling of new algorithm uptake in client code to allow zone administrators to know when it is possible to complete an algorithm rollover in a DNSSEC signed zone. |
Last Modified: 2009-04-13
Additional information is available at tools.ietf.org/wg/dnsext
Done | Forward NSEC rdata to IESG for Proposed Standard | |
Done | Forward RFC2535-bis to IESG for proposed standard | |
Done | Forward Case Insensitive to IESG for Proposed Standard | |
Done | Forward LLMNR to IESG for Proposed Standard | |
Done | Update boilerplate text on OPT-IN | |
Done | Forward Wildcard clarification to IESG for proposed standard | |
Feb 2007 | Submit KEY algorithm documents RFC253[69]bis and RFC3110 to IESG for proposed standard | |
Done | Finalize Zone Enumeration Requirements | |
Jun 2007 | Start of process of reviewing the following RFCs and to move them to Draft Standard status | |
Jul 2007 | RFC2930 (TKEY) to Draft standard | |
Jul 2007 | RFC2181 (Clarify) to Draft Standard | |
Jul 2007 | RFC2136 (Dynamic Update) to Draft Standard | |
Jul 2007 | RFC2308 (Neg Caching) to Draft Standard | |
Jul 2007 | RFC3007 (Secure Update) to Draft Standard | |
Jul 2007 | RFC2782 (SRV RR) to Draft Standard | |
Jul 2007 | RFC2671 (EDNS0) to Draft Standard | |
Jul 2007 | RFC1995 (IXFR) to Draft standard | |
Jul 2007 | RFC2672 (DNAME) to Draft Standard or revision | |
Jul 2007 | RFC1996 (Notify) to Draft Standard | |
Jul 2007 | Submit to IESG RFC2845 (TSIG)to Draft standard | |
Jul 2007 | RFC1982 (Serial Number Arithmetic) | |
Jul 2007 | FRC2539 (DH Key RR) to Draft Standard | |
Jul 2007 | RFC3226 (Message Size) to Draft Standard | |
Done | RFC2538 (CERT RR) to Draft Standard | |
Done | Forgery Resilience advanced to IESG | |
Oct 2008 | DNAMEbis advanced to IESG | |
Nov 2008 | ENDS0bis advanced to IESG | |
Nov 2008 | AXFR-clarify advanced to IESG | |
Dec 2008 | DNS-profile advanced to IESG | |
Feb 2009 | RFC2536bis and RFC2539bis advanced to IESG. |