database logo graphic

RFC 3445

"Limiting the Scope of the KEY Resource Record (RR)", December 2002

Canonical URL:
http://www.rfc-editor.org/rfc/rfc3445.txt
This document is also available in this non-normative format: PDF.
Status:
PROPOSED STANDARD
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035
Updates:
RFC 2535
Authors:
D. Massey
S. Rose
Stream:
IETF
Source:
dnsext (int)

Cite this RFC: TXT  |  XML

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document limits the Domain Name System (DNS) KEY Resource Record (RR) to only keys used by the Domain Name System Security Extensions (DNSSEC). The original KEY RR used sub-typing to store both DNSSEC keys and arbitrary application keys. Storing both DNSSEC and application keys with the same record type is a mistake. This document removes application keys from the KEY record by redefining the Protocol Octet field in the KEY RR Data. As a result of removing application keys, all but one of the flags in the KEY record become unnecessary and are redefined. Three existing application key sub-types are changed to reserved, but the format of the KEY record is not changed. This document updates RFC 2535. [STANDARDS-TRACK]


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Go to the RFC Editor Homepage.