rfc-2845

Secret Key Transaction Authentication for DNS (TSIG)

P. Vixie, O. Gudmundsson, D. Eastlake 3rd, B. Wellington

date2000-05 streamIETF areaint wgdnsext statusPROPOSED STANDARD pages15 canonicalhttps://www.rfc-editor.org/rfc/rfc2845 doi10.17487/RFC2845

This protocol allows for transaction level authentication using shared secrets and one way hashing. It can be used to authenticate dynamic updates as coming from an approved client, or to authenticate responses as coming from an approved recursive name server. [STANDARDS-TRACK]

obsoleted by

rfc-8945 — Secret Key Transaction Authentication for DNS (TSIG)

updated by

rfc-3645 — Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG)
rfc-4635 — HMAC SHA (Hashed Message Authentication Code, Secure Hash Algorithm) TSIG Algorithm Identifiers
rfc-6895 — Domain Name System (DNS) IANA Considerations

updates

rfc-1035 — Domain names - implementation and specification