[DNSOP] Last Call: (Secret Key Transaction Authentication for DNS (TSIG)) to Internet Standard

Tue, 07 Jan 2020 14:21:49 -0800 


[ Note to readers: Section 10.1 ("Issue Fixed in this Document") is useful to 
understand the reason for this document. I'm asking the authors to please put a 
pointer (or similar) to this in the abstract. ]

The IESG has received a request from the Domain Name System Operations WG
(dnsop) to consider the following document: - 'Secret Key Transaction
Authentication for DNS (TSIG)'
  <draft-ietf-dnsop-rfc2845bis-06.txt> as Internet Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
[email protected] mailing lists by 2020-01-21. Exceptionally, comments may
be sent to [email protected] instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


   This document describes a protocol for transaction level
   authentication using shared secrets and one way hashing.  It can be
   used to authenticate dynamic updates as coming from an approved
   client, or to authenticate responses as coming from an approved name
   server.

   No recommendation is made here for distributing the shared secrets:
   it is expected that a network administrator will statically configure
   name servers and clients using some out of band mechanism.

   This document obsoletes RFC2845 and RFC4635.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc2845bis/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc2845bis/ballot/


No IPR declarations have been submitted directly on this I-D.


The document contains these normative downward references.
See RFC 3967 for additional information: 
    rfc4635: HMAC SHA (Hashed Message Authentication Code, Secure Hash 
Algorithm) TSIG Algorithm Identifiers (Proposed Standard - IETF stream)
    rfc2845: Secret Key Transaction Authentication for DNS (TSIG) (Proposed 
Standard - IETF stream)
    rfc3597: Handling of Unknown DNS Resource Record (RR) Types (Proposed 
Standard - IETF stream)



_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to