DNSSEC RFCs

DNSSEC was originally specified in the following three RFCs:

  • RFC 4033 – DNS Security Introduction and Requirements
  • RFC 4034 – Resource Records for the DNS Security Extensions
  • RFC 4035 – Protocol Modifications for the DNS Security Extensions

Subsequently, the following additional RFCs have been issued related to DNSSEC:

  • RFC 4470 – Minimally Covering NSEC Records and DNSSEC On-line Signing
  • RFC 4641 – DNSSEC Operational Practices
  • RFC 5155 – DNS Security (DNSSEC) Hashed Authenticated Denial of Existence
  • RFC 6014 – Cryptographic Algorithm Identifier Allocation for DNSSEC

Another RFC that may be of interest is:

  • RFC 4398 – Storing Certificates in the Domain Name System (DNS)
December 30th, 2011 by | Posted in DNSSEC, Information | 2 Comments

2 Responses to DNSSEC RFCs

  1. Just to mention that RFC 4641 has been obsoleted by RFC 6781 “DNSSEC Operational Practices, Version 2”.

Leave a Reply

Your email address will not be published. Required fields are marked *