DNSSEC Trust Anchor Publication for the Root Zone, August 2016
- File formats:
- J. Abley
Discuss this RFC: Send questions or comments to the mailing list [email protected]
The root zone of the Domain Name System (DNS) has been cryptographically signed using DNS Security Extensions (DNSSEC).
In order to obtain secure answers from the root zone of the DNS using DNSSEC, a client must configure a suitable trust anchor. This document describes the format and publication mechanisms IANA has used to distribute the DNSSEC trust anchors.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.