IETF 81 Proceedings
Introduction | Area, Working Goup & BoF Reports | Plenaries | Training | Internet Research Task Force
DNS Extensions (dnsext) (WG)
No Minutes Submitted | Audio Archives | Jabber Logs | Mailing List Archives
Additional information is available at tools.ietf.org/wg/dnsext
Chair(s):Internet Area Director(s):Internet Area Advisor: |
Meeting Slides
No Slides PresentInternet-Drafts:
- Clarifications and Implementation Notes for DNSSECbis (0 bytes) Failed to copy /a/www/ietf-ftp/internet-drafts/draft-ietf-dnsext-dnssec-bis-updates-14.txt
- DNAME Redirection in the DNS (0 bytes) Failed to copy /a/www/ietf-ftp/internet-drafts/draft-ietf-dnsext-rfc2672bis-dname-24.txt
- Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm IANA Registry (0 bytes) Failed to copy /a/www/ietf-ftp/internet-drafts/draft-ietf-dnsext-dnssec-registry-fixes-08.txt
- Signaling Cryptographic Algorithm Understanding in DNSSEC (0 bytes) Failed to copy /a/www/ietf-ftp/internet-drafts/draft-ietf-dnsext-dnssec-algo-signal-02.txt
- Elliptic Curve DSA for DNSSEC (0 bytes) Failed to copy /a/www/ietf-ftp/internet-drafts/draft-ietf-dnsext-ecdsa-01.txt
Request for Comments:
- A DNS RR for specifying the location of services (DNS SRV) (RFC 2782) (24013 bytes) obsoletes RFC 2052/ updated by RFC 6335 Failed to copy /a/www/ietf-ftp/rfc/rfc2782.txt
- Secret Key Transaction Authentication for DNS (TSIG) (RFC 2845) (32272 bytes) Updates RFC 1035/ updated by RFC 3645 Failed to copy /a/www/ietf-ftp/rfc/rfc2845.txt
- Domain Name System (DNS) IANA Considerations (RFC 2929) (22454 bytes) obsoleted by RFC 5395 Failed to copy /a/www/ietf-ftp/rfc/rfc2929.txt
- Secret Key Establishment for DNS (TKEY RR) (RFC 2930) (34894 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc2930.txt
- DNS Request and Transaction Signatures ( SIG(0)s ) (RFC 2931) (19073 bytes) Updates RFC 2535 Failed to copy /a/www/ietf-ftp/rfc/rfc2931.txt
- Domain Name System Security (DNSSEC) Signing Authority (RFC 3008) (13484 bytes) obsoleted by RFC 4033,RFC 4034,RFC 4035/ Updates RFC 2535/ updated by RFC 3658 Failed to copy /a/www/ietf-ftp/rfc/rfc3008.txt
- Secure Domain Name System (DNS) Dynamic Update (RFC 3007) (18056 bytes) obsoletes RFC 2535,RFC 2136/ Updates RFC 2137/ updated by RFC 4033,RFC 4034,RFC 4035 Failed to copy /a/www/ietf-ftp/rfc/rfc3007.txt
- DNS Security Extension Clarification on Zone Status (RFC 3090) (24166 bytes) obsoleted by RFC 4033,RFC 4034,RFC 4035/ updated by RFC 3658 Failed to copy /a/www/ietf-ftp/rfc/rfc3090.txt
- RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS) (RFC 3110) (14587 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc3110.txt
- A DNS RR Type for Lists of Address Prefixes (APL RR) (RFC 3123) (14648 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc3123.txt
- Applicability Statement for DNS MIB Extensions (RFC 3197) (8610 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc3197.txt
- Indicating Resolver Support of DNSSEC (RFC 3225) (11548 bytes) updated by RFC 4033,RFC 4034,RFC 4035 Failed to copy /a/www/ietf-ftp/rfc/rfc3225.txt
- DNSSEC and IPv6 A6 aware server/resolver message size requirements (RFC 3226) (12078 bytes) Updates RFC 2874,RFC 2535/ updated by RFC 4033,RFC 4034,RFC 4035 Failed to copy /a/www/ietf-ftp/rfc/rfc3226.txt
- Tradeoffs in DNS support for IPv6 (RFC 3364) (26544 bytes) Updates RFC 2874 Failed to copy /a/www/ietf-ftp/rfc/rfc3364.txt
- Representing IPv6 addresses in DNS (RFC 3363) (11055 bytes) Updates RFC 2673,RFC 2874 Failed to copy /a/www/ietf-ftp/rfc/rfc3363.txt
- Obsoleting IQUERY (RFC 3425) (8615 bytes) Updates RFC 1035 Failed to copy /a/www/ietf-ftp/rfc/rfc3425.txt
- Limiting the Scope of the KEY Resource Record out (RFC 3445) (20947 bytes) obsoleted by RFC 4033,RFC 4034,RFC 4035/ Updates RFC 2535 Failed to copy /a/www/ietf-ftp/rfc/rfc3445.txt
- Handling of Unknown DNS Resource Record (RR) Types (RFC 3597) (17559 bytes) updated by RFC 4033,RFC 4034,RFC 4035,RFC 5395,RFC 6195 Failed to copy /a/www/ietf-ftp/rfc/rfc3597.txt
- DNS Extensions to support IP version 6 (RFC 3596) (14093 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc3596.txt
- GSS Algorithm for TSIG (GSS-TSIG) (RFC 3645) (56162 bytes) Updates RFC 2845 Failed to copy /a/www/ietf-ftp/rfc/rfc3645.txt
- Redefinition of DNS AD bit (RFC 3655) (15646 bytes) obsoletes RFC 2535/ obsoleted by RFC 4033,RFC 4034,RFC 4035 Failed to copy /a/www/ietf-ftp/rfc/rfc3655.txt
- Delegation Signer Resource Record (RFC 3658) (42120 bytes) obsoleted by RFC 4033,RFC 4034,RFC 4035/ Updates RFC 3090,RFC 3008,RFC 2535,RFC 1035/ updated by RFC 3755 Failed to copy /a/www/ietf-ftp/rfc/rfc3658.txt
- Legacy Resolver Compatibility for Delegation Signer (RFC 3755) (19812 bytes) obsoleted by RFC 4033,RFC 4034,RFC 4035/ Updates RFC 3658,RFC 2535/ updated by RFC 3757,RFC 3845 Failed to copy /a/www/ietf-ftp/rfc/rfc3755.txt
- KEY RR Secure Entry Point Flag (RFC 3757) (16868 bytes) obsoleted by RFC 4033,RFC 4034,RFC 4035/ Updates RFC 3755,RFC 2535 Failed to copy /a/www/ietf-ftp/rfc/rfc3757.txt
- DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format (RFC 3845) (14793 bytes) obsoleted by RFC 4033,RFC 4034,RFC 4035/ Updates RFC 3755,RFC 2535 Failed to copy /a/www/ietf-ftp/rfc/rfc3845.txt
- Threat Analysis Of The Domain Name System (RFC 3833) (39303 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc3833.txt
- Protocol Modifications for the DNS Security Extensions (RFC 4035) (130589 bytes) obsoletes RFC 3845,RFC 2535,RFC 3008,RFC 3090,RFC 3445,RFC 3655,RFC 3658,RFC 3755,RFC 3757/ Updates RFC 1034,RFC 1035,RFC 2136,RFC 2181,RFC 2308,RFC 3225,RFC 3007,RFC 3597,RFC 3226/ updated by RFC 4470,RFC 6014 Failed to copy /a/www/ietf-ftp/rfc/rfc4035.txt
- Resource Records for the DNS Security Extensions (RFC 4034) (63879 bytes) obsoletes RFC 3845,RFC 2535,RFC 3008,RFC 3090,RFC 3445,RFC 3655,RFC 3658,RFC 3755,RFC 3757/ Updates RFC 1034,RFC 1035,RFC 2136,RFC 2181,RFC 2308,RFC 3225,RFC 3007,RFC 3597,RFC 3226/ updated by RFC 4470,RFC 6014 Failed to copy /a/www/ietf-ftp/rfc/rfc4034.txt
- DNS Security Introduction and Requirements (RFC 4033) (52445 bytes) obsoletes RFC 2535,RFC 3008,RFC 3090,RFC 3445,RFC 3655,RFC 3658,RFC 3755,RFC 3757,RFC 3845/ Updates RFC 1034,RFC 1035,RFC 2136,RFC 2181,RFC 2308,RFC 3225,RFC 3007,RFC 3597,RFC 3226/ updated by RFC 6014 Failed to copy /a/www/ietf-ftp/rfc/rfc4033.txt
- Domain Name System (DNS) Case Insensitivity Clarification (RFC 4343) (22899 bytes) Updates RFC 1034,RFC 1035,RFC 2181 Failed to copy /a/www/ietf-ftp/rfc/rfc4343.txt
- Storing Certificates in the Domain Name System (DNS) (RFC 4398) (35652 bytes) obsoletes RFC 2538 Failed to copy /a/www/ietf-ftp/rfc/rfc4398.txt
- Minimally Covering NSEC Records and DNSSEC On-line Signing (RFC 4470) (17471 bytes) Updates RFC 4035,RFC 4034 Failed to copy /a/www/ietf-ftp/rfc/rfc4470.txt
- Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (RRs) (RFC 4509) (14155 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc4509.txt
- The Role of Wildcards in the Domain Name System (RFC 4592) (43991 bytes) Updates RFC 1034,RFC 2672 Failed to copy /a/www/ietf-ftp/rfc/rfc4592.txt
- HMAC SHA (Hashed Message Authentication Code, Secure Hash Algorithm) TSIG Algorithm Identifiers (RFC 4635) (16533 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc4635.txt
- Derivation of DNS Name Predecessor and Successor (RFC 4471) (42430 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc4471.txt
- A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR) (RFC 4701) (24570 bytes) updated by RFC 5494 Failed to copy /a/www/ietf-ftp/rfc/rfc4701.txt
- Link-local Multicast Name Resolution (LLMNR) (RFC 4795) (71969 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc4795.txt
- DNS Security (DNSSEC) Experiments (RFC 4955) (15417 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc4955.txt
- DNS Security (DNSSEC) Opt-In (RFC 4956) (32033 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc4956.txt
- DNS Name Server Identifier Option (NSID) (RFC 5001) (23754 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5001.txt
- Requirements Related to DNS Security (DNSSEC) Trust Anchor Rollover (RFC 4986) (22647 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc4986.txt
- Automated Updates of DNS Security (DNSSEC) Trust Anchors (RFC 5011) (30138 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5011.txt
- DNS Security (DNSSEC) Hashed Authenticated Denial of Existence (RFC 5155) (112140 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5155.txt
- Domain Name System (DNS) IANA Considerations (RFC 5395) (33725 bytes) obsoletes RFC 2929/ Updates RFC 1183,RFC 3597 Failed to copy /a/www/ietf-ftp/rfc/rfc5395.txt
- Measures for Making DNS More Resilient against Forged Answers (RFC 5452) (37432 bytes) Updates RFC 2181 Failed to copy /a/www/ietf-ftp/rfc/rfc5452.txt
- DNS Proxy Implementation Guidelines (RFC 5625) (24585 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5625.txt
- Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC (RFC 5702) (19425 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5702.txt
- DNS Zone Transfer Protocol (AXFR) (RFC 5936) (66337 bytes) Updates RFC 1034,RFC 1035 Failed to copy /a/www/ietf-ftp/rfc/rfc5936.txt
- Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC (RFC 5933) (17657 bytes) Failed to copy /a/www/ietf-ftp/rfc/rfc5933.txt
- DNS Transport over TCP - Implementation Requirements (RFC 5966) (14970 bytes) Updates RFC 1035,RFC 1123 Failed to copy /a/www/ietf-ftp/rfc/rfc5966.txt
- Cryptographic Algorithm Identifier Allocation for DNSSEC (RFC 6014) (11182 bytes) Updates RFC 4033,RFC 4034,RFC 4035 Failed to copy /a/www/ietf-ftp/rfc/rfc6014.txt
- Domain Name System (DNS) IANA Considerations (RFC 6195) (33790 bytes) Updates RFC 1183,RFC 3597 Failed to copy /a/www/ietf-ftp/rfc/rfc6195.txt
Charter (as of 2011-08-18)
The DNS has a large installed base and repertoire of protocol
specifications. The DNSEXT working group will actively advance DNS
protocol-related RFCs on the standards track while thoroughly
reviewing further proposed extensions. The scope of the DNSEXT WG is
confined to the DNS protocol, particularly changes that affect DNS
protocols "on the wire" or the internal processing of DNS data. DNS
operations are out of scope for the WG.
The WG will consider work in the following areas:
* DNSSEC and TSIG/TKEY algorithm maintenance
* Mechanisms that complement, or are alternatives to, TSIG and SIG(0)
* Hardening DNS protocol and providing guidance to implementers
* Advancing existing DNS-related Proposed Standard RFCs to Draft/Full
Standard
* Obsoleting DNS-related RFCs
* Improving DNS zone synchronization mechanisms
* Examining transport protocols, possibly adding new ones
* Mechanisms to alias DNS trees or parts thereof
Before formal adoption of any work item at least 5 working group
participants must publicly state that the item is within charter and
is a worthwhile item for further study.
The DNSEXT WG will conduct the specified RFC5395 review of RR
templates as they are posted, and EDNS0 Option templates if EDNS0-bis
updates registration requirements.
The WG will review DNS protocol related work which may originate
elsewhere in the IETF, including AD-sponsored submissions or drafts
in other working group.
Goals and Milestones:
| Done | Forward NSEC rdata to IESG for Proposed Standard | |
| Done | Forward RFC2535-bis to IESG for proposed standard | |
| Done | Forward Case Insensitive to IESG for Proposed Standard | |
| Done | Forward LLMNR to IESG for Proposed Standard | |
| Done | Update boilerplate text on OPT-IN | |
| Done | Forward Wildcard clarification to IESG for proposed standard | |
| Done | Finalize Zone Enumeration Requirements | |
| Done | RFC2538 (CERT RR) to Draft Standard | |
| Done | Forgery Resilience advanced to IESG | |
| Done | GOST DNSKEY and DS support advanced to IESG | |
| Done | AXFR Clarify to IESG | |
| Done | DNS existing transport protocol recommendations/clarifications to IESG | |
| Apr 2011 | RFC3597-bis Unknown RR advanced to IESG for PS | |
| Jun 2011 | DNSKEY Registry fixes and allocation procedure advanced to IESG | |
| Jun 2011 | EDNS0-bis update advanced to IESG | |
| Jun 2011 | DNAME-bis to IESG | |
| Aug 2011 | Algorithm signaling document to IESG | |
| Oct 2011 | DNSSEC Errata document to IESG | |
| Nov 2011 | Decision about new protocol elements, if any | |
| Nov 2011 | Requirements and current state survey document to IESG for publication | |
| Dec 2011 | IXFR-only to IESG | |
| Dec 2011 | If new protocol elements, recharter |
Home - Tools
Team - Datatracker - Web Site Usage Statistics - IASA - IAB - RFC Editor - IANA - IRTF - IETF Trust - ISOC - Store - Contact Us
Secretariat services provided by Association Management Solutions, LLC (AMS).
Please send problem reports to: ietf-action@ietf.org.