RFC 3090
DNS Security Extension Clarification on Zone Status, March 2001
- File formats:
- Status:
- PROPOSED STANDARD
- Obsoleted by:
- RFC 4033, RFC 4034, RFC 4035
- Updates:
- RFC 2535
- Updated by:
- RFC 3658
- Author:
- E. Lewis
- Stream:
- IETF
- Source:
- dnsext (int)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC3090
Discuss this RFC: Send questions or comments to the mailing list dnsext@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 3090
Abstract
The definition of a secured zone is presented, clarifying and updating sections of RFC 2535. RFC 2535 defines a zone to be secured based on a per algorithm basis, e.g., a zone can be secured with RSA keys, and not secured with DSA keys. This document changes this to define a zone to be secured or not secured regardless of the key algorithm used (or not used). To further simplify the determination of a zone's status, "experimentally secure" status is deprecated. [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.