rfc-3008

Domain Name System Security (DNSSEC) Signing Authority

B. Wellington

date2000-11 streamIETF areaint wgdnsext statusPROPOSED STANDARD pages7 canonicalhttps://www.rfc-editor.org/rfc/rfc3008 doi10.17487/RFC3008

This document proposes a revised model of Domain Name System Security (DNSSEC) Signing Authority. The revised model is designed to clarify earlier documents and add additional restrictions to simplify the secure resolution process. Specifically, this affects the authorization of keys to sign sets of records. [STANDARDS-TRACK]

obsoleted by

rfc-4033 — DNS Security Introduction and Requirements
rfc-4034 — Resource Records for the DNS Security Extensions
rfc-4035 — Protocol Modifications for the DNS Security Extensions

updated by

rfc-3658 — Delegation Signer (DS) Resource Record (RR)

updates

rfc-2535 — Domain Name System Security Extensions