DIDO Wiki

User Tools

Site Tools

Trace: RFC5011 - Automated Updates of DNS Security (DNSSEC) Trust Anchors

Sidebar

Welcome to DIDO WIKI

dido:public:ra:xapend:xapend.b_stds:tech:ietf:5011
Book Creator
 Add this page to your book
Book Creator
 Remove this page from your book  

 Manage book(0 page(s))
 Help

RFC5011 - Automated Updates of DNS Security (DNSSEC) Trust Anchors

return to the IETF Standards

Table 1: Data sheet for RFC5011 Automated Updates of DNS Security (DNSSEC) Trust Anchors (AAAA)
Title Automated Updates of DNS Security Trust Anchors
Acronym DNSSEC
Version 2007
Document Number RFC5011
Release Date September 2007
Reference https://tools.ietf.org/html/rfc5011
Note: The following is an excerpt from the official IETF RFC. It is provided here as a convenience and is not authoritative. Refer to the original document as the authoritative reference.

Abstract

This document describes a means for automated, authenticated, and authorized updating of DNSSEC “trust anchors”. The method provides protection against N-1 key compromises of N keys in the trust point key set. Based on the trust established by the presence of a current anchor, other anchors may be added at the same place in the hierarchy, and, ultimately, supplant the existing anchor(s).
This mechanism will require changes to resolver management behavior (but not resolver resolution behavior), and the addition of a single flag bit to the DNSKEY record.
dido/public/ra/xapend/xapend.b_stds/tech/ietf/5011.txt · Last modified: 2021/09/27 21:51 by 66.249.69.248
Translations of this page:

Page Tools

OMG Home Logos and Trademarks Become a Member Become a Sponsor Upcoming TC Meeting TOP