Thanks to everyone who helped move this document through the process! On 8/24/21 12:28 AM, [email protected] wrote: > A new Request for Comments is now available in online RFC libraries. > > > RFC 9103 > > Title: DNS Zone Transfer over TLS > Author: W. Toorop, > S. Dickinson, > S. Sahib, > P. Aras, > A. Mankin > Status: Standards Track > Stream: IETF > Date: August 2021 > Mailbox: [email protected], > [email protected], > [email protected], > [email protected], > [email protected] > Pages: 32 > Updates: RFC 1995, RFC 5936, RFC 7766 > > I-D Tag: draft-ietf-dprive-xfr-over-tls-12.txt > > URL: https://www.rfc-editor.org/info/rfc9103 > > DOI: 10.17487/RFC9103 > > DNS zone transfers are transmitted in cleartext, which gives > attackers the opportunity to collect the content of a zone by > eavesdropping on network connections. The DNS Transaction Signature > (TSIG) mechanism is specified to restrict direct zone transfer to > authorized clients only, but it does not add confidentiality. This > document specifies the use of TLS, rather than cleartext, to prevent > zone content collection via passive monitoring of zone transfers: XFR > over TLS (XoT). Additionally, this specification updates RFC 1995 and > RFC 5936 with respect to efficient use of TCP connections and RFC > 7766 with respect to the recommended number of connections between a > client and server for each transport. > > This document is a product of the DNS PRIVate Exchange Working Group of the > IETF. > > This is now a Proposed Standard. > > STANDARDS TRACK: This document specifies an Internet Standards Track > protocol for the Internet community, and requests discussion and suggestions > for improvements. Please refer to the current edition of the Official > Internet Protocol Standards (https://www.rfc-editor.org/standards) for the > standardization state and status of this protocol. Distribution of this > memo is unlimited. > > This announcement is sent to the IETF-Announce and rfc-dist lists. > To subscribe or unsubscribe, see > https://www.ietf.org/mailman/listinfo/ietf-announce > https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist > > For searching the RFC series, see https://www.rfc-editor.org/search > For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk > > Requests for special distribution should be addressed to either the > author of the RFC in question, or to [email protected]. Unless > specifically noted otherwise on the RFC itself, all RFCs are for > unlimited distribution. > > > The RFC Editor Team > Association Management Solutions, LLC > > _______________________________________________ > dns-privacy mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dns-privacy >
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
