[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

I-D ACTION:draft-ietf-dnsext-restrict-key-for-dnssec-03.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the DNS Extensions Working Group of the IETF.

	Title		: Limiting the Scope of the KEY Resource Record
	Author(s)	: D. Massey, S. Rose
	Filename	: draft-ietf-dnsext-restrict-key-for-dnssec-03.txt
	Pages		: 15
	Date		: 01-Jul-02
This document limits the Domain Name System KEY resource record to
only keys used by the Domain Name System Security Extensions
(DNSSEC).  The original KEY resource record used sub-typing to store
both DNSSEC keys and arbitrary application keys.  Storing both DNSSEC
and application keys in one record was a mistake.  This document
removes application keys from the KEY record by redefining the
Protocol Octet field in the KEY Resource Record Data.  As a result of
removing application keys, all but one of the flags in the KEY record
become unnecessary and are removed.  Three existing application key
sub-types are changed to reserved, but the format of the KEY record
is not changed.  This document updates RFC 2535.

A URL for this Internet-Draft is:

To remove yourself from the IETF Announcement list, send a message to 
ietf-announce-request with the word unsubscribe in the body of the message.

Internet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
	"get draft-ietf-dnsext-restrict-key-for-dnssec-03.txt".

A list of Internet-Drafts directories can be found in
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail.

Send a message to:
In the body type:
	"FILE /internet-drafts/draft-ietf-dnsext-restrict-key-for-dnssec-03.txt".
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the