RSA/MD5 KEYs and SIGs in the Domain Name System (DNS)
RFC 2537 RSA/MD5 KEYs and SIGs in the DNS March 1999
This document describes how to store RSA keys and RSA/MD5 based
signatures in the DNS. Familiarity with the RSA algorithm is assumed
[Schneier]. Implementation of the RSA algorithm in DNS is
recommended.
The key words "MUST", "REQUIRED", "SHOULD", "RECOMMENDED", and "MAY"
in this document are to be interpreted as described in RFC 2119.
2. RSA Public KEY Resource Records
RSA public keys are stored in the DNS as KEY RRs using algorithm
number 1 [RFC 2535]. The structure of the algorithm specific portion
of the RDATA part of such RRs is as shown below.
Field            Size
-----            ----
exponent length  1 or 3 octets (see text)
exponent         as specified by length field
modulus          remaining space
For interoperability, the exponent and modulus are each currently
limited to 4096 bits in length. The public key exponent is a
variable length unsigned integer. Its length in octets is
represented as one octet if it is in the range of 1 to 255 and by a
zero octet followed by a two octet unsigned length if it is longer
than 255 bytes. The public key modulus field is a multiprecision
unsigned integer. The length of the modulus can be determined from
the RDLENGTH and the preceding RDATA fields including the exponent.
Leading zero octets are prohibited in the exponent and modulus.
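The following encoder and parser for the algorithm-specific portion of an algorithm-1 KEY RR RDATA is an added example, not code from RFC 2537 or from any DNS implementation. It applies the rules stated above: a 1-octet exponent length for 1 to 255 octets, a zero octet plus a 2-octet length beyond that, the modulus filling the remaining space, no leading zero octets in either field, and the 4096-bit limit on each. The function names, the strict rejection of the 3-octet length form for short exponents, and the sample integers are assumptions made for the example.

```python
from __future__ import annotations

import struct
from typing import Optional, Tuple

MAX_FIELD_OCTETS = 4096 // 8   # exponent and modulus are each limited to 4096 bits


def encode_rsa_key_rdata(e: int, n: int) -> bytes:
    """Build the algorithm-specific RDATA of an algorithm-1 KEY RR from a public exponent and modulus."""
    if e <= 0 or n <= 0:
        raise ValueError("exponent and modulus must be positive")
    # Minimal big-endian encodings: no leading zero octets by construction.
    exp = e.to_bytes((e.bit_length() + 7) // 8, "big")
    mod = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(exp) > MAX_FIELD_OCTETS or len(mod) > MAX_FIELD_OCTETS:
        raise ValueError("exponent and modulus are each limited to 4096 bits")
    if len(exp) <= 255:
        length = bytes([len(exp)])                       # 1-octet length form
    else:
        length = b"\x00" + struct.pack(">H", len(exp))   # zero octet + 2-octet length
    return length + exp + mod


def parse_rsa_key_rdata(rdata: bytes) -> Tuple[int, int]:
    """Parse the RDATA back into (exponent, modulus); malformed encodings raise ValueError."""
    if len(rdata) < 1:
        raise ValueError("empty RDATA")
    if rdata[0] != 0:
        exp_len, off = rdata[0], 1
    else:
        if len(rdata) < 3:
            raise ValueError("truncated 3-octet exponent length")
        exp_len, off = struct.unpack(">H", rdata[1:3])[0], 3
        # Strict reading of the text: the 3-octet form is only for exponents longer than 255 octets.
        if exp_len <= 255:
            raise ValueError("3-octet length form used for an exponent of 255 octets or less")
    exp = rdata[off:off + exp_len]
    if len(exp) != exp_len:
        raise ValueError("exponent runs past end of RDATA")
    mod = rdata[off + exp_len:]
    if not mod:
        raise ValueError("missing modulus")   # modulus is the remaining space, so it must be non-empty
    for name, field in (("exponent", exp), ("modulus", mod)):
        if field[0] == 0:
            raise ValueError(f"leading zero octet in {name}")
        if len(field) > MAX_FIELD_OCTETS:
            raise ValueError(f"{name} exceeds 4096 bits")
    return int.from_bytes(exp, "big"), int.from_bytes(mod, "big")


def key_rdata_error(rdata: bytes) -> Optional[str]:
    """Return the parse error message for rdata, or None when it is well-formed."""
    try:
        parse_rsa_key_rdata(rdata)
    except ValueError as err:
        return str(err)
    return None
```

The parser derives the modulus length from what is left after the exponent, as the text says the RDLENGTH allows, which is why a missing modulus must be rejected explicitly rather than silently yielding zero. Rejecting leading zero octets also removes a source of non-canonical encodings of the same key, which matters wherever KEY RDATA is hashed or compared.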
3. RSA/MD5 SIG Resource Records
The signature portion of the SIG RR RDATA area, when using the
RSA/MD5 algorithm, is calculated as shown below. The data signed is
determined as specified in [RFC 2535]. See [RFC 2535] for fields in
the SIG RR RDATA which precede the signature itself.
hash = MD5 ( data )
signature = ( 00 | 01 | FF* | 00 | prefix | hash ) ** e (mod n)
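An added example of the signature computation above, written for this page rather than taken from RFC 2537 or any DNS implementation: it builds the 00 | 01 | FF* | 00 | prefix | hash block, raises it to the signer's private exponent modulo n, and verifies by recomputing the whole block. The prefix value used is the PKCS#1 v1.5 DigestInfo encoding for MD5 (RFC 2537 gives the same octets on the page that follows). The RFC's formula writes the signer's private exponent as e; the code below calls it d and uses e for the public exponent. The demo key generation, the function names and the sample data are assumptions for the example only.

```python
from __future__ import annotations

import hashlib
import hmac
import math
import secrets
from typing import Tuple

# PKCS#1 v1.5 DigestInfo prefix for MD5 (RFC 2437); the "prefix" in the RFC's formula.
MD5_PREFIX = bytes.fromhex("3020300c06082a864886f70d020505000410")


def emsa_pkcs1_v15_md5(data: bytes, k: int) -> bytes:
    """Encode data as 00 | 01 | FF* | 00 | prefix | MD5(data), exactly k octets (k = modulus length)."""
    t = MD5_PREFIX + hashlib.md5(data).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for RSA/MD5 (PKCS#1 needs at least 8 octets of FF)")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def rsa_md5_sign(data: bytes, d: int, n: int) -> bytes:
    """signature = EM ** d (mod n), returned as a fixed-width octet string."""
    k = (n.bit_length() + 7) // 8
    em = int.from_bytes(emsa_pkcs1_v15_md5(data, k), "big")
    return pow(em, d, n).to_bytes(k, "big")


def rsa_md5_verify(data: bytes, sig: bytes, e: int, n: int) -> bool:
    """Recover EM = sig ** e (mod n) and compare it with the expected encoding of data."""
    k = (n.bit_length() + 7) // 8
    if len(sig) != k:
        return False
    s = int.from_bytes(sig, "big")
    if s >= n:
        return False
    em = pow(s, e, n).to_bytes(k, "big")
    # Compare the entire recomputed block, never just the trailing hash: a verifier that tolerates
    # variable padding or trailing bytes is forgeable with small public exponents
    # (Bleichenbacher's 2006 e=3 signature forgery).
    return hmac.compare_digest(em, emsa_pkcs1_v15_md5(data, k))


def _miller_rabin(n: int, rounds: int = 24) -> bool:
    """Probabilistic primality test, enough for a demo key."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _probable_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # force top bit and oddness
        if _miller_rabin(cand):
            return cand


def demo_keypair(bits: int = 1024) -> Tuple[int, int, int]:
    """Return (e, d, n). Demo only: lacks the checks a production RSA key generator performs."""
    e = 65537
    while True:
        p, q = _probable_prime(bits // 2), _probable_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return e, pow(e, -1, phi), p * q


if __name__ == "__main__":
    e, d, n = demo_keypair()
    data = b"constructed stand-in for the signed data of RFC 2535"   # constructed sample input
    sig = rsa_md5_sign(data, d, n)
    print(len(sig), rsa_md5_verify(data, sig, e, n), rsa_md5_verify(data + b"!", sig, e, n))
```

The data being signed is whatever [RFC 2535] specifies (the SIG RDATA preceding the signature plus the canonical RRset), which this example takes as an opaque octet string. The length checks in the verifier matter: a signature octet string that is not exactly the modulus length, or whose integer value is not below n, is rejected before any arithmetic is done.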
Eastlake Standards Track