Internet Key Exchange Protocol Version 2 Configuration for Encrypted DNS
RFC 9464, “Internet Key Exchange Protocol Version 2 Configuration for Encrypted DNS”, is a Proposed Standard document published in November 2023 by M. Boucadair, T. Reddy.K, D. Wing, V. Smyslov. The canonical text is published by the RFC Editor.
Abstract
This document specifies new Internet Key Exchange Protocol Version 2 (IKEv2) Configuration Payload Attribute Types to assign DNS resolvers that support encrypted DNS protocols, such as DNS over HTTPS (DoH), DNS over TLS (DoT), and DNS over QUIC (DoQ).
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 9464 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 9463 DHCP and Router Advertisement Options for the Discovery of Network- designated Resolvers
- RFC 9465 PIM Null-Register Packing
- RFC 9462 Discovery of Designated Resolvers
- RFC 9466 PIM Assert Message Packing
- RFC 9461 Service Binding Mapping for DNS Servers
- RFC 9460 Service Binding and Parameter Specification via the DNS
- RFC 9468 Unsolicited Bidirectional Forwarding Detection for Sessionless Applications
- RFC 9459 CBOR Object Signing and Encryption : AES-CTR and AES-CBC