I-D Action:draft-groth-dns-encryption-02.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : DNS Encryption
	Author(s)       : D. Groth
	Filename        : draft-groth-dns-encryption-02.txt
	Pages           : 15
	Date            : 2008-07-14

This document requests IANA registration of a new DNS OpCode and
ErrorCode type in facilitating encryption of DNS requests and
replies and feedback to the client if plain text requests are not
acceptable. Once this OpCode is seen the DNS server attempts to
decrypt the request using its private OpenPGP key. Inside the
encrypted packet is the AES key which the client expects to be used
when the server encrypts a response. A server may advertise that it
is capable of DNS encryption by returning OpenPGP fingerprints in
TXT records using a similar format to Public Key Association (PKA).
The full public keys are returned from DNS servers by using a CERT
request against the host name(s) of the domain's NS records or via
OpenPGP key servers.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-groth-dns-encryption-02.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<ftp://ftp.ietf.org/internet-drafts/draft-groth-dns-encryption-02.txt>
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
