DNS Extensions (dnsext) ----------------------- Charter Last Modified: 2008-02-28 Current Status: Active Working Group Chair(s): Olafur Gudmundsson Internet Area Director(s): Jari Arkko Mark Townsley Internet Area Advisor: Mark Townsley Mailing Lists: General Discussion:namedroppers@ops.ietf.org To Subscribe: namedroppers-request@ops.ietf.org Archive: http://ops.ietf.org/lists/namedroppers/ Description of Working Group: The DNS has a large installed base and repertoire of protocol specifications. The DNSEXT WG group will actively advance DNS protocol-related RFCs on the standards track while thoroughly reviewing further proposed extensions. The scope of the DNSEXT WG is confined to the DNS protocol, particularly changes that affect DNS protocols "on the wire" or the internal processing of DNS data. DNS operations are out of scope for the WG. The WG will limit itself to review of proposals for new extensions, clarification to the DNS protocol, including DNSSEC, and review of DNS protocol related work which may originate elsewhere in the IETF, including AD-sponsored submissions or drafts in other working groups. Adoption of new DNSEXT standards track working group items will require changes to this charter. The WG does not intend to hold face to face meetings, though may do so if deemed necessary for resolution of a specific issue at hand. The DNSEXT WG will conduct the specified RFC2929bis review of RR templates as they are posted and also maintain a living ID of errata for the DNSSEC document set. Goals and Milestones: Done Forward NSEC rdata to IESG for Proposed Standard Done Forward RFC2535-bis to IESG for proposed standard Done Forward Case Insensitive to IESG for Proposed Standard Done Forward LLMNR to IESG for Proposed Standard Done Update boilerplate text on OPT-IN Done Forward Wildcard clarification to IESG for proposed standard Feb 2007 Submit KEY algorithm documents RFC253[69]bis and RFC3110 to IESG for proposed standard Done Finalize Zone Enumeration Requirements Jun 2007 Start of process of reviewing the following RFCs and to move them to Draft Standard status Jul 2007 RFC2930 (TKEY) to Draft standard Jul 2007 RFC2181 (Clarify) to Draft Standard Jul 2007 RFC2136 (Dynamic Update) to Draft Standard Jul 2007 RFC2308 (Neg Caching) to Draft Standard Jul 2007 RFC3007 (Secure Update) to Draft Standard Jul 2007 RFC2782 (SRV RR) to Draft Standard Jul 2007 RFC2671 (EDNS0) to Draft Standard Jul 2007 RFC1995 (IXFR) to Draft standard Jul 2007 RFC2672 (DNAME) to Draft Standard or revision Jul 2007 RFC1996 (Notify) to Draft Standard Jul 2007 Submit to IESG RFC2845 (TSIG)to Draft standard Jul 2007 RFC1982 (Serial Number Arithmetic) Jul 2007 RFC2538 (CERT RR) to Draft Standard Jul 2007 FRC2539 (DH Key RR) to Draft Standard Jul 2007 RFC3226 (Message Size) to Draft Standard Feb 2008 RFC2536bis and RFC2539bis advanced to IESG. Mar 2008 DNAMEbis advanced to IESG Apr 2008 ENDS0bis advanced to IESG Jun 2008 Forgery Resilience advanced to IESG Jul 2008 AXFR-clarify advanced to IESG Dec 2008 DNS-profile advanced to IESG Internet-Drafts: Posted Revised I-D Title ------ ------- -------------------------------------------- Mar 2000 Feb 2008 DNS Zone Transfer Protocol (AXFR) May 2005 Nov 2007 Clarifications and Implementation Notes for DNSSECbis Jul 2005 Aug 2007 Domain Name System (DNS) IANA Considerations Feb 2006 Feb 2008 Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC Sep 2006 Feb 2008 Update to DNAME Redirection in the DNS Jan 2007 Feb 2008 Measures for making DNS more resilient against forged answers Dec 2007 Mar 2008 Revised extension mechanisms for DNS (EDNS0) Jan 2008 Jan 2008 The Modern DNS Implementation Guide Request For Comments: RFC Stat Published Title ------- -- ----------- ------------------------------------ RFC2782 PS Feb 2000 A DNS RR for specifying the location of services (DNS SRV) RFC2845Standard Jun 2000 Secret Key Transaction Authentication for DNS (TSIG) RFC2929BCP Sep 2000 Domain Name System (DNS) IANA Considerations RFC2930 PS Sep 2000 Secret Key Establishment for DNS (TKEY RR) RFC2931 PS Sep 2000 DNS Request and Transaction Signatures ( SIG(0)s ) RFC3008 PS Dec 2000 Domain Name System Security (DNSSEC) Signing Authority RFC3007 PS Dec 2000 Secure Domain Name System (DNS) Dynamic Update RFC3090 PS Mar 2001 DNS Security Extension Clarification on Zone Status RFC3110 PS May 2001 RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS) RFC3123 E Jun 2001 A DNS RR Type for Lists of Address Prefixes (APL RR) RFC3197 I Nov 2001 Applicability Statement for DNS MIB Extensions RFC3226 PS Dec 2001 DNSSEC and IPv6 A6 aware server/resolver message size requirements RFC3225 PS Dec 2001 Indicating Resolver Support of DNSSEC RFC3363 I Aug 2002 Representing IPv6 addresses in DNS RFC3364 I Aug 2002 Tradeoffs in DNS support for IPv6 RFC3425 PS Nov 2002 Obsoleting IQUERY RFC3445 PS Dec 2002 Limiting the Scope of the KEY Resource Record out RFC3597 PS Sep 2003 Handling of Unknown DNS Resource Record (RR) Types RFC3596Standard Oct 2003 DNS Extensions to support IP version 6 RFC3645Standard Oct 2003 GSS Algorithm for TSIG (GSS-TSIG) RFC3655Standard Nov 2003 Redefinition of DNS AD bit RFC3658Standard Dec 2003 Delegation Signer Resource Record RFC3757Standard May 2004 KEY RR Secure Entry Point Flag RFC3755Standard May 2004 Legacy Resolver Compatibility for Delegation Signer RFC3845Standard Aug 2004 DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format RFC3833 I Aug 2004 Threat Analysis Of The Domain Name System RFC4035Standard Apr 2005 Protocol Modifications for the DNS Security Extensions RFC4034Standard Apr 2005 Resource Records for the DNS Security Extensions RFC4033Standard Apr 2005 DNS Security Introduction and Requirements RFC4343Standard Jan 2006 Domain Name System (DNS) Case Insensitivity Clarification RFC4398 PS Mar 2006 Storing Certificates in the Domain Name System (DNS) RFC4470 PS Apr 2006 Minimally Covering NSEC Records and DNSSEC On-line Signing RFC4509 PS May 2006 Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (RRs) RFC4592 PS Jul 2006 The Role of Wildcards in the Domain Name System RFC4635 PS Aug 2006 HMAC SHA (Hashed Message Authentication Code, Secure Hash Algorithm) TSIG Algorithm Identifiers RFC4471 E Sep 2006 Derivation of DNS Name Predecessor and Successor RFC4701 PS Oct 2006 A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR) RFC4795 I Jan 2007 Link-local Multicast Name Resolution (LLMNR) RFC4956 E Jul 2007 DNS Security (DNSSEC) Opt-In RFC4955 PS Jul 2007 DNS Security (DNSSEC) Experiments RFC5001 PS Aug 2007 DNS Name Server Identifier Option (NSID) RFC4986 I Aug 2007 Requirements Related to DNS Security (DNSSEC) Trust Anchor Rollover RFC5011 PS Sep 2007 Automated Updates of DNS Security (DNSSEC) Trust Anchors RFC5155 PS Mar 2008 DNS Security (DNSSEC) Hashed Authenticated Denial of Existence