database logo graphic

RFC 3755

"Legacy Resolver Compatibility for Delegation Signer (DS)", May 2004

Canonical URL:
http://www.rfc-editor.org/rfc/rfc3755.txt
This document is also available in this non-normative format: PDF.
Status:
PROPOSED STANDARD
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035
Updates:
RFC 3658, RFC 2535
Updated by:
RFC 3757, RFC 3845
Author:
S. Weiler
Stream:
IETF
Source:
dnsext (int)

Cite this RFC: TXT  |  XML

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

As the DNS Security (DNSSEC) specifications have evolved, the syntax and semantics of the DNSSEC resource records (RRs) have changed. Many deployed nameservers understand variants of these semantics. Dangerous interactions can occur when a resolver that understands an earlier version of these semantics queries an authoritative server that understands the new delegation signer semantics, including at least one failure scenario that will cause an unsecured zone to be unresolvable. This document changes the type codes and mnemonics of the DNSSEC RRs (SIG, KEY, and NXT) to avoid those interactions. [STANDARDS-TRACK]


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Go to the RFC Editor Homepage.