File formats:

Status:

PROPOSED STANDARD

Obsoletes:

RFC 6944

Updated by:

RFC 9157

Authors:

P. Wouters
O. Sury

Stream:

IETF

Source:

dnsop (ops)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC8624

Discuss this RFC: Send questions or comments to the mailing list dnsop@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 8624

Abstract

The DNSSEC protocol makes use of various cryptographic algorithms in order to provide authentication of DNS data and proof of nonexistence. To ensure interoperability between DNS resolvers and DNS authoritative servers, it is necessary to specify a set of algorithm implementation requirements and usage guidelines to ensure that there is at least one algorithm that all implementations support. This document defines the current algorithm implementation requirements and usage guidance for DNSSEC. This document obsoletes RFC 6944.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.