RFC - 3225
Indicating Resolver Support of DNSSEC
| Original: | ftp://ftp.isi.edu/in-notes/rfc3225.txt |
|---|---|
| Authors: | D. Conrad [Nominum, Inc.] |
| Date: | December 2001 |
| Category: | Proposed Standard |
| Updated by: | |
|---|---|
| RFC-4035prop | Protocol Modifications for the DNS Security Extensions (Updated by RFC-4470prop) |
| RFC-4034prop | Resource Records for the DNS Security Extensions (Updated by RFC-4470prop) |
| RFC-4033prop | DNS Security Introduction and Requirements |
| Referred by: | 9 RFC |
| Refers to: | 5 RFC |
Status
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2001). All Rights Reserved.
Abstract
In order to deploy DNSSEC (Domain Name System Security Extensions) operationally, DNSSEC aware servers should only perform automatic inclusion of DNSSEC RRs when there is an explicit indication that the resolver can understand those RRs. This document proposes the use of a bit in the EDNS0 header to provide that explicit indication and describes the necessary protocol changes to implement that notification.
-
prepared by Miloslav Nic
- the founder of Zvon.org and Law-Ref.org
- the head of B.Sc. program Informatics and chemistry [in Czech]
- the founder of Lidem.org - Volby 2006 - parliamentary elections in the Czech Republic [in Czech]
- the chief consultant of the publishing house ICT Press
- and Pavel Srb, a student of B.Sc. program Informatics and chemistry