2.6.4 Domain Name System Security (dnssec)

This Working Group Did Not Meet

NOTE: This charter is a snapshot of the 39th IETF Meeting in Munich, Bavaria, Germany. It may now be out-of-date.


James Galvin <galvin@commerce.net>

Security Area Director(s):

Jeffrey Schiller <jis@mit.edu>

Security Area Advisor:

Jeffrey Schiller <jis@mit.edu>

Mailing Lists:

General Discussion: dns-security@tis.com
To Subscribe: dns-security-request@tis.com
Archive: ftp://ftp.tis.com/pub/lists/dns-security

Description of Working Group:

The Domain Name System Security Working Group (DNSSEC) will ensure enhancements to the secure DNS protocol to protect the dynamic update operation of the DNS. Specifically, it must be possible to detect the replay of update transactions and it must be possible to order update transactions. Clock synchronization should be addressed as well as all of the dynamic update specification.

Some of the issues to be explored and resolved include:

One essential assumption has been identified: data in the DNS is considered public information. This assumption means that discussions and proposals involving data confidentiality and access control are explicitly outside the scope of this working group.

Goals and Milestones:



Submit proposal for adding Security enhancements to DNS as an Internet-Draft.



Update Internet-Draft on adding security enhancements to DNS.

Apr 96


Submit Internet-Draft on Secure Dynamic Update

Aug 96


Update Internet-Draft on Secure Dynamic Update.

Dec 96


Submit Internet-Draft on ensuring security of dynamic update of DNS to IESG for consideration as a Proposed Standard.


Request For Comments:







Domain Name System Security Extensions



Secure Domain Name System Dynamic Update

Previous PageNext Page