Information on RFC 6781 » RFC Editor (original) (raw)

File formats:

icon for text file icon for PDF icon for HTML icon for inline errata

Status:

INFORMATIONAL

Obsoletes:

RFC 4641

Authors:

O. Kolkman
W. Mekking
R. Gieben

Stream:

IETF

Source:

dnsop (ops)

Cite this RFC: TXT | XML | BibTeX

DOI: https://doi.org/10.17487/RFC6781

Discuss this RFC: Send questions or comments to the mailing list dnsop@ietf.org

Other actions:View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 6781

Abstract

This document describes a set of practices for operating the DNS with security extensions (DNSSEC). The target audience is zone administrators deploying DNSSEC.

The document discusses operational aspects of using keys and signatures in the DNS. It discusses issues of key generation, key storage, signature generation, key rollover, and related policies.

This document obsoletes RFC 4641, as it covers more operational ground and gives more up-to-date requirements with respect to key sizes and the DNSSEC operations.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.