RFC 3130 (rfc3130) - Page 1 of 10
Notes from the State-Of-The-Technology: DNSSEC
Alternative Format: Original Text Document
Network Working Group E. Lewis
Request for Comments: 3130 NAI Labs
Category: Informational June 2001
Notes from the State-Of-The-Technology: DNSSEC
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2001). All Rights Reserved.
Abstract
This is a memo of a DNSSEC (Domain Name System Security Extensions)
status meeting.
1.0 Introduction
A meeting of groups involved in the development of the DNS Security
Extensions (DNSSEC) was held in conjunction with the 49th IETF. The
discussion covered the extent of current efforts, a discussion of
what questions are being asked of DNSSEC, and what is needed by the
IETF to progress the definition to the Draft Standard level.
DNSSEC [RFC 2535] has been under consideration for quite a few years,
with RFC 2535 being the core of the most recent definition. DNSSEC
is part of the charter of two working groups, DNSEXT and DNSOP.
ISC's BIND v8.2 implemented part of the specification, BIND v9
represents the first full implementation. In 1999 and 2000, more
than a half dozen workshops have been held to test the concepts and
the earliest versions of implementations. But to date, DNSSEC is not
in common use.
The current collective wisdom is that DNSSEC is 1) important, 2) a
buzzword, 3) hard, 4) immature. To capture the true state of the
technology and identify where work is needed, an informal gathering
of groups known to be involved in DNSSEC was held in conjunction with
the 49th IETF. The attendees represented NLnet Labs, The Foundation
for Internet Infrastructure, RIPE NCC, ARIN, CAIRN (ISI and NAI
Labs), NIST, DISA, RSSAC, Network Associates and Verisign
(COM/NET/ORG TLDs).
Lewis Informational