Automating DNSSEC Delegation Trust Maintenance
RFC 7344, “Automating DNSSEC Delegation Trust Maintenance”, is a Proposed Standard document published in September 2014 by W. Kumari, O. Gudmundsson, G. Barwood. It has since been updated by RFC 8078, RFC 9615, RFC 9975. The canonical text is published by the RFC Editor.
Abstract
This document describes a method to allow DNS Operators to more easily update DNSSEC Key Signing Keys using the DNS as a communication channel. The technique described is aimed at delegations in which it is currently hard to move information from the Child to Parent.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 7344 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 7343 An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers Version 2
- RFC 7345 UDP Transport Layer over Datagram Transport Layer Security
- RFC 7342 Practices for Scaling ARP and Neighbor Discovery in Large Data Centers
- RFC 7346 IPv6 Multicast Address Scopes
- RFC 7341 DHCPv4-over-DHCPv6 Transport
- RFC 7347 Pre-standard Linear Protection Switching in MPLS Transport Profile
- RFC 7340 Secure Telephone Identity Problem Statement and Requirements
- RFC 7348 Virtual eXtensible Local Area Network : A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks