Donate
‹ Back
Domain Name System Security Extensions (DNSSEC) 30 December 2011

DNSSEC RFCs

DNSSEC was originally specified in the following three RFCs:

  • RFC 4033 – DNS Security Introduction and Requirements
  • RFC 4034 – Resource Records for the DNS Security Extensions
  • RFC 4035 – Protocol Modifications for the DNS Security Extensions

Subsequently, the following additional RFCs have been issued related to DNSSEC:

  • RFC 4470 – Minimally Covering NSEC Records and DNSSEC On-line Signing
  • RFC 4641 –¬†DNSSEC Operational Practices
  • RFC 5155 – DNS Security (DNSSEC) Hashed Authenticated Denial of Existence
  • RFC 6014 – Cryptographic Algorithm Identifier Allocation for DNSSEC

Another RFC that may be of interest is:

  • RFC 4398 – Storing Certificates in the Domain Name System (DNS)
‹ Back

Related resources

DNSSEC:NSEC vs. NSEC3
Domain Name System Security Extensions (DNSSEC)8 August 2014

DNSSEC:NSEC vs. NSEC3

The Domain Name System Security Extensions(DNSSEC) provide two different records for securely handling non-existent names in DNS, NSEC and NSEC3....

DNS Considerations for IPv6
Domain Name System (DNS)18 June 2014

DNS Considerations for IPv6

With so much information on IPv6 focusing on connectivity, it's sometimes important to remember that deploying IPv6 for actual use...

State of DNSSEC Deployment 2016
State of DNSSEC Deployment 2016
Domain Name System (DNS)31 December 2016

State of DNSSEC Deployment 2016

This report provides a snapshot of the state of deployment of DNSSEC as of the end of 2016. Please download the...

Join the conversation with Internet Society members around the world