‹ Back
Domain Name System Security Extensions (DNSSEC) 30 December 2011

DNSSEC RFCs

DNSSEC was originally specified in the following three RFCs:

  • RFC 4033 – DNS Security Introduction and Requirements
  • RFC 4034 – Resource Records for the DNS Security Extensions
  • RFC 4035 – Protocol Modifications for the DNS Security Extensions

Subsequently, the following additional RFCs have been issued related to DNSSEC:

  • RFC 4470 – Minimally Covering NSEC Records and DNSSEC On-line Signing
  • RFC 4641 – DNSSEC Operational Practices
  • RFC 5155 – DNS Security (DNSSEC) Hashed Authenticated Denial of Existence
  • RFC 6014 – Cryptographic Algorithm Identifier Allocation for DNSSEC

Another RFC that may be of interest is:

  • RFC 4398 – Storing Certificates in the Domain Name System (DNS)
‹ Back

Related articles

Building Trust 1 October 2017

DNSSEC

The Domain Name System (DNS), the Internet’s addressing system, is the most critical component of the Internet infrastructure. As...

Deploy360 3 April 2017

Introduction to PKIs & CAs

In order to be trusted, the Internet must provide channels for secure and private communication between entities, which can...

Domain Name System (DNS) 31 December 2016

State of DNSSEC Deployment 2016

This report provides a snapshot of the state of deployment of DNSSEC as of the end of 2016. Please download...

Join the conversation with Internet Society members around the world