Last Call: <draft-ietf-dnsop-rfc2845bis-06.txt> (Secret Key Transaction Authentication for DNS (TSIG)) to Internet Standard
The IESG <iesg-secretary@ietf.org> Tue, 07 January 2020 22:21 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 265C8120025; Tue, 7 Jan 2020 14:21:01 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Last Call: <draft-ietf-dnsop-rfc2845bis-06.txt> (Secret Key Transaction Authentication for DNS (TSIG)) to Internet Standard
X-Test-IDTracker: no
X-IETF-IDTracker: 6.115.0
Auto-Submitted: auto-generated
Precedence: bulk
Sender: iesg-secretary@ietf.org
CC: dnsop-chairs@ietf.org, warren@kumari.net, dnsop@ietf.org, benno@NLnetLabs.nl, Benno Overeinder <benno@NLnetLabs.nl>, draft-ietf-dnsop-rfc2845bis@ietf.org
Content-Transfer-Encoding: 7bit
Reply-To: last-call@ietf.org
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Message-ID: <157843566112.20859.13522851612546893374.idtracker@ietfa.amsl.com>
Date: Tue, 07 Jan 2020 14:21:01 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/IZtGoTuEng6CAcwRQCEUd2q-V3o>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jan 2020 22:21:01 -0000
[ Note to readers: Section 10.1 ("Issue Fixed in this Document") is useful to understand the reason for this document. I'm asking the authors to please put a pointer (or similar) to this in the abstract. ]
The IESG has received a request from the Domain Name System Operations WG
(dnsop) to consider the following document: - 'Secret Key Transaction
Authentication for DNS (TSIG)'
<draft-ietf-dnsop-rfc2845bis-06.txt> as Internet Standard
The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@ietf.org mailing lists by 2020-01-21. Exceptionally, comments may
be sent to iesg@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.
Abstract
This document describes a protocol for transaction level
authentication using shared secrets and one way hashing. It can be
used to authenticate dynamic updates as coming from an approved
client, or to authenticate responses as coming from an approved name
server.
No recommendation is made here for distributing the shared secrets:
it is expected that a network administrator will statically configure
name servers and clients using some out of band mechanism.
This document obsoletes RFC2845 and RFC4635.
The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc2845bis/
IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc2845bis/ballot/
No IPR declarations have been submitted directly on this I-D.
The document contains these normative downward references.
See RFC 3967 for additional information:
rfc4635: HMAC SHA (Hashed Message Authentication Code, Secure Hash Algorithm) TSIG Algorithm Identifiers (Proposed Standard - IETF stream)
rfc2845: Secret Key Transaction Authentication for DNS (TSIG) (Proposed Standard - IETF stream)
rfc3597: Handling of Unknown DNS Resource Record (RR) Types (Proposed Standard - IETF stream)