• 
• Home
• About the IETF
• Mission
• Standards Process
• Note Well
• NomCom
• Blog
• Info for Newcomers
• Internet-Drafts
• Datatracker
• Search
• Submit
• RFC Pages
• Search RFC Ed Index
• RFC Editor Queue
• IANA Pages
• Protocol Parameters
• Working Groups
• WG Charters
• Email Lists
• WG Chairs' Page
• Resources
• Community Tools
• Tools Team Pages
• Edu Team Pages
• Tutorials
• Wikis
• Meetings
• Upcoming Meetings
• Past Meetings
• Interim Meetings
• Important Dates
• Proceedings
• Mailing Lists
• Announcement Lists
• Discussion Lists
• Non-WG Lists
• IESG
• Announcements
• Statements
• Members
• Minutes
• IPR
• IPR Policy
• File a Disclosure
• Disclosure Search
• Liaisons
• Liaison Statements
• Liaison Managers
• Contact
• IETF Secretariat^®
• Media
• Subpoenas
• Report Web Site Errors
• Customize View
  
• Brief
• Normal
• Extended
• Advanced
• (Requires Javascript)

Domain Name System Security (dnssec)

Charter































Status: Concluded December, 1999 































































Chair(s):































































 James Galvin 































































Description of Working Group:































The Domain Name System Security Working Group (DNSSEC) will ensure































enhancements to the secure DNS protocol to protect the dynamic update































operation of the DNS. Specifically, it must be possible to detect the































replay of update transactions and it must be possible to order update































transactions. Clock synchronization should be addressed as well as all































of the dynamic update specification.































































Some of the issues to be explored and resolved include































































o scope of creation, deletion, and updates for both names and zones































































o protection of names subject to dynamic update during zone transfer































































o scope of KEY resource record for more specific names in wildcard































  scope































































o use of or relationship with proposed expiration resource record































































One essential assumption has been identified: data in the DNS is































considered public information. This assumption means that discussions































and proposals involving data confidentiality and access control are































explicitly outside the scope of this working group.

Request for Comments:

• RFC2065 Domain Name System Security Extensions (Proposed Standard)
• RFC2137 Secure Domain Name System Dynamic Update (Proposed Standard)
• RFC2535 Domain Name System Security Extensions (Proposed Standard)
• RFC2536 DSA KEYs and SIGs in the Domain Name System (DNS) (Proposed Standard)
• RFC2537 RSA/MD5 KEYs and SIGs in the Domain Name System (DNS) (Proposed Standard)
• RFC2538 Storing Certificates in the Domain Name System (DNS) (Proposed Standard)
• RFC2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS) (Proposed Standard)
• RFC2540 Detached Domain Name System (DNS) Information (Experimental)
• RFC2541 DNS Operational Security Considerations (Informational)

Home - Tools Team - Datatracker - Web Site Usage Stats - IASA - IAB - RFC Editor - IANA - IRTF - IETF Trust - ISOC - IETF Journal - Store - Contact Us
Secretariat services provided by Association Management Solutions, LLC (AMS).
Please send problem reports to: ietf-action@ietf.org.