RFC 3658 (rfc3658) - Page 1 of 19
Delegation Signer (DS) Resource Record (RR)
Alternative Format: Original Text Document
Network Working Group O. Gudmundsson
Request for Comments: 3658 December 2003
Updates: 3090, 3008, 2535, 1035
Category: Standards Track
Delegation Signer (DS) Resource Record (RR)
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2003). All Rights Reserved.
Abstract
The delegation signer (DS) resource record (RR) is inserted at a zone
cut (i.e., a delegation point) to indicate that the delegated zone is
digitally signed and that the delegated zone recognizes the indicated
key as a valid zone key for the delegated zone. The DS RR is a
modification to the DNS Security Extensions definition, motivated by
operational considerations. The intent is to use this resource
record as an explicit statement about the delegation, rather than
relying on inference.
This document defines the DS RR, gives examples of how it is used and
describes the implications on resolvers. This change is not
backwards compatible with RFC 2535. This document updates RFC 1035,
RFC 2535, RFC 3008 and RFC 3090.
Gudmundsson Standards Track