RFC 3655

Redefinition of DNS Authenticated Data (AD) bit, November 2003

Canonical URL:
https://www.rfc-editor.org/rfc/rfc3655.txt
File formats:
Plain TextPDF
Status:
PROPOSED STANDARD
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035
Updates:
RFC 2535
Authors:
B. Wellington
O. Gudmundsson
Stream:
IETF
Source:
dnsext (int)

Cite this RFC: TXT  |  XML

DOI:  http://dx.doi.org/10.17487/RFC3655

Discuss this RFC: Send questions or comments to dnsext@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document alters the specification defined in RFC 2535. Based on implementation experience, the Authenticated Data (AD) bit in the DNS header is not useful. This document redefines the AD bit such that it is only set if all answers or records proving that no answers exist in the response has been cryptographically verified or otherwise meets the server's local security policy.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×