The IESG has received a request from the Domain Name System Operations WG (dnsop) to consider the following document: - 'DNS Security Extensions (DNSSEC)' <draft-ietf-dnsop-dnssec-bcp-03.txt> as Best Current Practice
The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the last-c...@ietf.org mailing lists by 2022-10-05. Exceptionally, comments may be sent to i...@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document describes the DNS security extensions (commonly called "DNSSEC") that are specified RFCs 4033, 4034, 4035, and a handful of others. One purpose is to introduce all of the RFCs in one place so that the reader can understand the many aspects of DNSSEC. This document does not update any of those RFCs. Another purpose is to move DNSSEC to Best Current Practice status. This document is currently maintained at https://github.com/paulehoffman/draft-hoffman-dnssec. Issues and pull requests are welcomed. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-bcp/ No IPR declarations have been submitted directly on this I-D. The document contains these normative downward references. See RFC 3967 for additional information: rfc5702: Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC (Proposed Standard - Internet Engineering Task Force (IETF)) rfc5155: DNS Security (DNSSEC) Hashed Authenticated Denial of Existence (Proposed Standard - Internet Engineering Task Force (IETF)) rfc4509: Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (RRs) (Proposed Standard - Internet Engineering Task Force (IETF)) rfc6840: Clarifications and Implementation Notes for DNS Security (DNSSEC) (Proposed Standard - Internet Engineering Task Force (IETF)) rfc4035: Protocol Modifications for the DNS Security Extensions (Proposed Standard - Internet Engineering Task Force (IETF)) rfc4034: Resource Records for the DNS Security Extensions (Proposed Standard - Internet Engineering Task Force (IETF)) rfc4033: DNS Security Introduction and Requirements (Proposed Standard - Internet Engineering Task Force (IETF)) rfc3110: RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS) (Proposed Standard - Internet Engineering Task Force (IETF)) _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce
