- File formats:
- Also available: XML file for editing
- Status:
- INTERNET STANDARD
- Obsoletes:
- RFC 2845, RFC 4635
- Authors:
- F. Dupont
S. Morris
P. Vixie
D. Eastlake 3rd
O. Gudmundsson
B. Wellington - Stream:
- IETF
- Source:
- dnsop (ops)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC8945
Discuss this RFC: Send questions or comments to the mailing list dnsop@ietf.org
Other actions: View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8945
Abstract
This document describes a protocol for transaction-level authentication using shared secrets and one-way hashing. It can be used to authenticate dynamic updates to a DNS zone as coming from an approved client or to authenticate responses as coming from an approved name server.
No recommendation is made here for distributing the shared secrets; it is expected that a network administrator will statically configure name servers and clients using some out-of-band mechanism.
This document obsoletes RFCs 2845 and 4635.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.