RFC 7958

DNSSEC Trust Anchor Publication for the Root Zone, August 2016

File formats:
icon for text file icon for PDF icon for HTML icon for inline errata
J. Abley
J. Schlyter
G. Bailey
P. Hoffman

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC7958

Discuss this RFC: Send questions or comments to the mailing list rfc-ise@rfc-editor.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 7958


The root zone of the Domain Name System (DNS) has been cryptographically signed using DNS Security Extensions (DNSSEC).

In order to obtain secure answers from the root zone of the DNS using DNSSEC, a client must configure a suitable trust anchor. This document describes the format and publication mechanisms IANA has used to distribute the DNSSEC trust anchors.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search