database logo graphic

RFC 3655

"Redefinition of DNS Authenticated Data (AD) bit", November 2003

Canonical URL:
http://www.rfc-editor.org/rfc/rfc3655.txt
This document is also available in this non-normative format: PDF.
Status:
PROPOSED STANDARD
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035
Updates:
RFC 2535
Authors:
B. Wellington
O. Gudmundsson
Stream:
IETF
Source:
dnsext (int)

Cite this RFC: TXT  |  XML

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document alters the specification defined in RFC 2535. Based on implementation experience, the Authenticated Data (AD) bit in the DNS header is not useful. This document redefines the AD bit such that it is only set if all answers or records proving that no answers exist in the response has been cryptographically verified or otherwise meets the server's local security policy.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Go to the RFC Editor Homepage.