draft-ietf-dnsext-dnssec-rsasha256-08.txt   draft-ietf-dnsext-dnssec-rsasha256-09.txt 
DNS Extensions working group J. Jansen DNS Extensions working group J. Jansen
Internet-Draft NLnet Labs Internet-Draft NLnet Labs
Intended status: Standards Track December 04, 2008 Intended status: Standards Track December 04, 2008
Expires: June 7, 2009 Expires: June 7, 2009
Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records
for DNSSEC for DNSSEC
draft-ietf-dnsext-dnssec-rsasha256-08 draft-ietf-dnsext-dnssec-rsasha256-09
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 6, line 7 skipping to change at page 6, line 7
5. Implementation Considerations 5. Implementation Considerations
5.1. Support for SHA-2 signatures 5.1. Support for SHA-2 signatures
DNSSEC aware implementations SHOULD be able to support RRSIG resource DNSSEC aware implementations SHOULD be able to support RRSIG resource
records with the RSA/SHA-2 algorithms. records with the RSA/SHA-2 algorithms.
6. IANA Considerations 6. IANA Considerations
Note to the RFC editor: please remove this paragraph during final This document updates the IANA registry "DNS SECURITY ALGORITHM
editing, and request IANA to update the {TBA} designators. NUMBERS -- per [RFC4035]"
(http://www.iana.org/assignments/dns-sec-alg-numbers). The following
IANA has assigned DNS Security Algorithm Numbers {TBA1} for RSA/ entries are added to the registry:
SHA-256 with NSEC, {TBA2} for RSA/SHA-256 with NSEC3, {TBA3} for RSA/
SHA-512 with NSEC, and {TBA4} for RSA/SHA-512 with NSEC3.
The algorithm list from RFC 4034 Appendix A.1 [RFC4034] is extended
with the following entries:
Zone Zone
Value Algorithm Mnemonic Signing References Value Algorithm Mnemonic Signing References
{TBA1} RSA/SHA-256 RSASHA256 y {this memo} {TBA1} RSA/SHA-256 RSASHA256 y {this memo}
{TBA2} RSA/SHA-256-NSEC3 RSASHA256NSEC3 y {this memo} {TBA2} RSA/SHA-256-NSEC3 RSASHA256NSEC3 y {this memo}
{TBA3} RSA/SHA-512 RSASHA512 y {this memo} {TBA3} RSA/SHA-512 RSASHA512 y {this memo}
{TBA4} RSA/SHA-512-NSEC3 RSASHA512NSEC3 y {this memo} {TBA4} RSA/SHA-512-NSEC3 RSASHA512NSEC3 y {this memo}
7. Security Considerations 7. Security Considerations
 End of changes. 2 change blocks. 
10 lines changed or deleted 5 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/