[ Note to readers: Section 10.1 ("Issue Fixed in this Document") is useful to understand the reason for this document. I'm asking the authors to please put a pointer (or similar) to this in the abstract. ]
The IESG has received a request from the Domain Name System Operations WG (dnsop) to consider the following document: - 'Secret Key Transaction Authentication for DNS (TSIG)' <draft-ietf-dnsop-rfc2845bis-06.txt> as Internet Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the last-c...@ietf.org mailing lists by 2020-01-21. Exceptionally, comments may be sent to i...@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document describes a protocol for transaction level authentication using shared secrets and one way hashing. It can be used to authenticate dynamic updates as coming from an approved client, or to authenticate responses as coming from an approved name server. No recommendation is made here for distributing the shared secrets: it is expected that a network administrator will statically configure name servers and clients using some out of band mechanism. This document obsoletes RFC2845 and RFC4635. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc2845bis/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc2845bis/ballot/ No IPR declarations have been submitted directly on this I-D. The document contains these normative downward references. See RFC 3967 for additional information: rfc4635: HMAC SHA (Hashed Message Authentication Code, Secure Hash Algorithm) TSIG Algorithm Identifiers (Proposed Standard - IETF stream) rfc2845: Secret Key Transaction Authentication for DNS (TSIG) (Proposed Standard - IETF stream) rfc3597: Handling of Unknown DNS Resource Record (RR) Types (Proposed Standard - IETF stream) _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop