[rfc-dist] RFC 8976 on Message Digest for DNS Zones
rfc-editor@rfc-editor.org Wed, 10 February 2021 06:19 UTC
Return-Path: <rfc-dist-bounces@rfc-editor.org>
X-Original-To: ietfarch-rfc-dist-archive@ietfa.amsl.com
Delivered-To: ietfarch-rfc-dist-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C73CD3A1420 for <ietfarch-rfc-dist-archive@ietfa.amsl.com>; Tue, 9 Feb 2021 22:19:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.92
X-Spam-Level:
X-Spam-Status: No, score=-2.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5n1tbzJQcHS1 for <ietfarch-rfc-dist-archive@ietfa.amsl.com>; Tue, 9 Feb 2021 22:19:36 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44D883A1421 for <rfc-dist-archive-yuw6Xa6hiena@ietf.org>; Tue, 9 Feb 2021 22:19:36 -0800 (PST)
Received: from rfcpa.amsl.com (localhost [IPv6:::1]) by rfc-editor.org (Postfix) with ESMTP id 5DA17F40744; Tue, 9 Feb 2021 22:19:08 -0800 (PST)
X-Original-To: rfc-dist@rfc-editor.org
Delivered-To: rfc-dist@rfc-editor.org
Received: by rfc-editor.org (Postfix, from userid 30) id A6C17F40743; Tue, 9 Feb 2021 22:19:07 -0800 (PST)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Message-Id: <20210210061907.A6C17F40743@rfc-editor.org>
Date: Tue, 09 Feb 2021 22:19:07 -0800
Subject: [rfc-dist] RFC 8976 on Message Digest for DNS Zones
X-BeenThere: rfc-dist@rfc-editor.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: RFC Announcements <rfc-dist.rfc-editor.org>
List-Unsubscribe: <https://www.rfc-editor.org/mailman/options/rfc-dist>, <mailto:rfc-dist-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <http://www.rfc-editor.org/pipermail/rfc-dist/>
List-Post: <mailto:rfc-dist@rfc-editor.org>
List-Help: <mailto:rfc-dist-request@rfc-editor.org?subject=help>
List-Subscribe: <https://www.rfc-editor.org/mailman/listinfo/rfc-dist>, <mailto:rfc-dist-request@rfc-editor.org?subject=subscribe>
Cc: drafts-update-ref@iana.org, dnsop@ietf.org, rfc-editor@rfc-editor.org
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: rfc-dist-bounces@rfc-editor.org
Sender: rfc-dist <rfc-dist-bounces@rfc-editor.org>
A new Request for Comments is now available in online RFC libraries.
RFC 8976
Title: Message Digest for DNS Zones
Author: D. Wessels,
P. Barber,
M. Weinberg,
W. Kumari,
W. Hardaker
Status: Standards Track
Stream: IETF
Date: February 2021
Mailbox: dwessels@verisign.com,
pbarber@verisign.com,
matweinb@amazon.com,
warren@kumari.net,
ietf@hardakers.net
Pages: 31
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-ietf-dnsop-dns-zone-digest-14.txt
URL: https://www.rfc-editor.org/info/rfc8976
DOI: 10.17487/RFC8976
This document describes a protocol and new DNS Resource Record that
provides a cryptographic message digest over DNS zone data at rest.
The ZONEMD Resource Record conveys the digest data in the zone
itself. When used in combination with DNSSEC, ZONEMD allows
recipients to verify the zone contents for data integrity and origin
authenticity. This provides assurance that received zone data matches
published data, regardless of how the zone data has been transmitted
and received. When used without DNSSEC, ZONEMD functions as a
checksum, guarding only against unintentional changes.
ZONEMD does not replace DNSSEC: DNSSEC protects individual RRsets
(DNS data with fine granularity), whereas ZONEMD protects a zone's
data as a whole, whether consumed by authoritative name servers,
recursive name servers, or any other applications.
As specified herein, ZONEMD is impractical for large, dynamic zones
due to the time and resources required for digest calculation.
However, the ZONEMD record is extensible so that new digest schemes
may be added in the future to support large, dynamic zones.
This document is a product of the Domain Name System Operations Working Group of the IETF.
This is now a Proposed Standard.
STANDARDS TRACK: This document specifies an Internet Standards Track
protocol for the Internet community, and requests discussion and suggestions
for improvements. Please refer to the current edition of the Official
Internet Protocol Standards (https://www.rfc-editor.org/standards) for the
standardization state and status of this protocol. Distribution of this
memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
https://www.ietf.org/mailman/listinfo/ietf-announce
https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk
Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.
The RFC Editor Team
Association Management Solutions, LLC
_______________________________________________
rfc-dist mailing list
rfc-dist@rfc-editor.org
https://www.rfc-editor.org/mailman/listinfo/rfc-dist
http://www.rfc-editor.org