Servers which is currently used only for key deletion. Section 5 discusses spontaneous inclusion of TKEY RRs in responses by This method is applicable to allĬurrently defined TKEY modes, although in some cases it is not what Section 4 discusses key agreement and deletion via DNS requests with Section 3 describes general principles of operations with TKEY. Queries, forwards recursive queries, etc.ġ.1 Overview of Contents Section 2 below specifies the TKEY RR and provides a description ofĪnd considerations for its constituent fields. Server which may make full and incremental zone transfer In all cases herein, the term "resolver" includes that part of a "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in thisĭocument are to be interpreted as described in. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", Specified in this document are the server assigned mode and the They may be used to authenticate queries and responsesīut they do not provide zone based DNS data origin or denialĬertain modes of TKEY perform encryption which may affect theirĮxport or import status for some countries. Note that TKEY established keying material and TSIGs that use it areĪssociated with DNS servers or resolvers. Number of different modes to establish and delete such shared secret This document specifies a TKEY RR that can be used in a Messages using shared secret keys via the TSIG resource record (RR)īut provides no mechanism for setting up such keys other than manualĮxchange. provides a means of efficiently authenticating DNS It has been extended to provide for public key Names and addresses, for email routing, and for other information The Domain Name System (DNS) is a hierarchical, distributed, highlyĪvailable database used for bi-directional mapping between domain 10 4.5 Query for Resolver Assigned Keying. 8 4.1 Query for Diffie-Hellman Exchanged Keying. 5 2.4 The Inception and Expiration Fields. Order) have been incorporated herein and are gratefully acknowledged:ġ. The comments and ideas of the following persons (listed in alphabetic This document describes a Transaction Key (TKEY) RR thatĬan be used in a number of different modes to establish shared secret Provides no mechanism for setting up such keys other than manualĮxchange. Transaction Signature (TSIG) resource record (RR). (DNS) queries and responses using shared secret keys via the provides a means of authenticating Domain Name System Distribution of this memo is unlimited.Ĭopyright (C) The Internet Society (2000). Official Protocol Standards" (STD 1) for the standardization stateĪnd status of this protocol. Please refer to the current edition of the "Internet Internet community, and requests discussion and suggestions for This document specifies an Internet standards track protocol for the Secret Key Establishment for DNS (TKEY RR) Updated by: 6895 Network Working Group D. RFC 2930: Secret Key Establishment for DNS (TKEY RR)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |