RFC 3658 (rfc3658) - Page 1 of 19

Delegation Signer (DS) Resource Record (RR)

Network Working Group                                     O. Gudmundsson
Request for Comments: 3658                                 December 2003
Updates: 3090, 3008, 2535, 1035
Category: Standards Track


              Delegation Signer (DS) Resource Record (RR)

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2003).  All Rights Reserved.

Abstract

   The delegation signer (DS) resource record (RR) is inserted at a zone
   cut (i.e., a delegation point) to indicate that the delegated zone is
   digitally signed and that the delegated zone recognizes the indicated
   key as a valid zone key for the delegated zone.  The DS RR is a
   modification to the DNS Security Extensions definition, motivated by
   operational considerations.  The intent is to use this resource
   record as an explicit statement about the delegation, rather than
   relying on inference.

   This document defines the DS RR, gives examples of how it is used and
   describes the implications on resolvers.  This change is not
   backwards compatible with RFC 2535.  This document updates RFC 1035,
   RFC 2535, RFC 3008 and RFC 3090.
















Gudmundsson                 Standards Track