2.3.1 DNS Extensions (dnsext)

NOTE: This charter is a snapshot of the 56th IETF Meeting in San Francisco, California USA. It may now be out-of-date.

Last Modified: 2003-02-04

Olafur Gudmundsson <ogud@ogud.com>
Randy Bush <randy@psg.com>
Internet Area Director(s):
Thomas Narten <narten@us.ibm.com>
Erik Nordmark <erik.nordmark@sun.com>
Internet Area Advisor:
Erik Nordmark <erik.nordmark@sun.com>
Mailing Lists:
General Discussion: namedroppers@ops.ietf.org
To Subscribe: namedroppers-request@ops.ietf.org
Archive: ftp://ops.ietf.org/pub/lists/
Description of Working Group:
NOTE: The DNSEXT Working Group actually uses two additional mailing lists.

DNS Security: dnssec@cafax.se To Subscribe: dnssec-request@cafax.se Archive: http://www.cafax.se/dnssec/ and ftp://ftp.cafax.se/pub/archives/dnssec.list Key Distribution: keydist@cafax.se To Subscribe: keydist-request@cafax.se Archive: ftp://ftp.cafax.se/pub/archives/keydist.list

The DNSEXT Working Group has assumed the RFCs and drafts of both the DNSSEC and DNSIND working groups. DNS is originally specified in RFC's 1034 and 1035, with subsequent updates. Within the scope of this WG are protocol issues, including message formats, message handling, and data formats. New work items and milestones may be added from time-to-time with the approval of the Working Group and the IESG.

Issues surrounding the operation of DNS, recommendations concerning the configuration of DNS servers, and other issues with the use of the protocol are out of this Working Group's charter. These issues are considered in other venues, such as operational issues in the DNS Operations Working Group.

Broad topics under consideration in DNSEXT are dynamic update, notify, zone transfers, security and adjustments to address the requirements of IPv6 addressing. Security topics, mostly inherited from the erstwhile DNS Security Extensions Working Group, will be addressed in cooperation with the DNS Operations Working Group.

The principal task within this Working Group is to advance several documents describing proposed extensions to DNS. The current list of documents under consideration for advancement is:

Title RFC Status

DNS Server MIB Extensions RFC1611 Proposed

DNS Resolver MIB Extensions RFC1612 Proposed

Serial Number Arithmetic RFC1982 Proposed

Incremental Zone transfer RFC1995 Proposed

Notify RFC1996 Proposed

DNS SRV service location RFC2052 Experimental

Dynamic Update RFC2136 Proposed

Security for Dynamic Update RFC2137 Proposed

Clarification to DNS RFC2181 Proposed

Negative Caching RFC2308 Proposed

DNS Security Extensions RFC2535 Proposed

DSA KEYs and SIGs RFC2536 Proposed

RSA KEYs and SIGs RFC2537 Proposed

Storing Certificates RFC2538 Proposed

Diffie-Hellman Keys RFC2539 Proposed

Extensions to DNS0 RFC2671 Proposed

Non-Terminal DNS names RFC2672 Proposed

Binary Labels RFC2673 Proposed

Other specific work items are:

o TSIG - transaction signatures in (dnsind-tsig-xx.txt)

o TKEY - Secret Key establishment for DNS (dnsind-tkey-xx.txt)

o Securing dynamic update (dnsind-simple-secure-update-xx.txt)

o Protocol clarifications and corrections for DNSSEC (draft-ietf-dnsind-sig-zero-xx.txt) (draft-ietf-dnsind-zone-secure-xx.txt)

o Clarifications for IANA in DNS assignments (draft-ietf-dnsind-iana-dns-xx.txt)

o Documentation of the zone transfer protocol (AXFR)

o Retirement of DNS MIB's RFC's

New work items may be added from time-to-time with the approval of the Working Group and the IESG.

Goals and Milestones:
Done  Advance RFC2052bis to RFC.
JAN 00  Advance RFC1996 for Draft standard.
Done  Advance TKEY and IANA considerations for IESG consideration
Done  SIG(0) advanced for IESG consideration
Done  RFC1995bis and AXFR advanced for Proposed
MAR 00  RFC2136bis advanced for Proposed standard
Done  IXFR (RFC1995bis) interoperabilty testing complete
APR 00  Serial Number Arithmetic, Notify and DNS Clarify advanced to Draft Standard.
Done  RFC1611 and RFC1612 status chaned to historic.
MAY 00  RFC2308bis advanced for IESG consideration.
Done  Secure update completed and ready for IESG consideration
Done  RFC2137 Obsoleted
JUN 00  Request that TSIG be advanced to Draft Standard
JUL 00  Revised DNSSEC submitted for advancement to Draft Standard
  • - draft-ietf-dnsext-edns1-03.txt
  • - draft-ietf-dnsext-axfr-clarify-05.txt
  • - draft-ietf-dnsext-gss-tsig-06.txt
  • - draft-ietf-dnsext-dhcid-rr-06.txt
  • - draft-ietf-dnsext-dnssec-roadmap-07.txt
  • - draft-ietf-dnsext-unknown-rrs-04.txt
  • - draft-ietf-dnsext-mdns-13.txt
  • - draft-ietf-dnsext-ad-is-secure-06.txt
  • - draft-ietf-dnsext-delegation-signer-13.txt
  • - draft-ietf-dnsext-dnssec-opt-in-05.txt
  • - draft-ietf-dnsext-rfc2536bis-dsa-02.txt
  • - draft-ietf-dnsext-rfc2539bis-dhk-02.txt
  • - draft-ietf-dnsext-dnssec-intro-05.txt
  • - draft-ietf-dnsext-ecc-key-03.txt
  • - draft-ietf-dnsext-tkey-renewal-mode-03.txt
  • - draft-ietf-dnsext-dns-threats-02.txt
  • - draft-ietf-dnsext-dnssec-records-02.txt
  • - draft-dnsext-opcode-discover-01.txt
  • - draft-ietf-dnsext-keyrr-key-signing-flag-06.txt
  • - draft-ietf-dnsext-rfc1886bis-02.txt
  • - draft-ietf-dnsext-dnssec-protocol-01.txt
  • - draft-ietf-dnsext-ipv6-name-auto-reg-00.txt
  • - draft-ietf-dnsext-insensitive-02.txt
  • Request For Comments:
    RFC2782 PS A DNS RR for specifying the location of services (DNS SRV)
    RFC2845StandardSecret Key Transaction Authentication for DNS (TSIG)
    RFC2929BCPDomain Name System (DNS) IANA Considerations
    RFC2930 PS Secret Key Establishment for DNS (TKEY RR)
    RFC2931 PS DNS Request and Transaction Signatures ( SIG(0)s )
    RFC3007 PS Secure Domain Name System (DNS) Dynamic Update
    RFC3008 PS Domain Name System Security (DNSSEC) Signing Authority
    RFC3090 PS DNS Security Extension Clarification on Zone Status
    RFC3110 PS RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS)
    RFC3123 E A DNS RR Type for Lists of Address Prefixes (APL RR)
    RFC3197 I Applicability Statement for DNS MIB Extensions
    RFC3225 PS Indicating Resolver Support of DNSSEC
    RFC3226 PS DNSSEC and IPv6 A6 aware server/resolver message size requirements
    RFC3363 I Representing IPv6 addresses in DNS
    RFC3364 I Tradeoffs in DNS support for IPv6
    RFC3425 PS Obsoleting IQUERY
    RFC3445 PS Limiting the Scope of the KEY Resource Record out

    Current Meeting Report

    None received.


    None received.