path: root/doc/rfc/rfc2845.txt
Diffstat (limited to 'doc/rfc/rfc2845.txt')
-rw-r--r--doc/rfc/rfc2845.txt843
1 files changed, 843 insertions, 0 deletions
diff --git a/doc/rfc/rfc2845.txt b/doc/rfc/rfc2845.txt
new file mode 100644
index 0000000..aa9f385
--- /dev/null
+++ b/doc/rfc/rfc2845.txt
@@ -0,0 +1,843 @@
+
+
+
+
+
+
+Network Working Group P. Vixie
+Request for Comments: 2845 ISC
+Category: Standards Track O. Gudmundsson
+Updates: 1035 NAI Labs
+ D. Eastlake 3rd
+ Motorola
+ B. Wellington
+ Nominum
+ May 2000
+
+
+ Secret Key Transaction Authentication for DNS (TSIG)
+
+Status of this Memo
+
+ This document specifies an Internet standards track protocol for the
+ Internet community, and requests discussion and suggestions for
+ improvements. Please refer to the current edition of the "Internet
+ Official Protocol Standards" (STD 1) for the standardization state
+ and status of this protocol. Distribution of this memo is unlimited.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (2000). All Rights Reserved.
+
+Abstract
+
+ This protocol allows for transaction level authentication using
+ shared secrets and one way hashing. It can be used to authenticate
+ dynamic updates as coming from an approved client, or to authenticate
+ responses as coming from an approved recursive name server.
+
+ No provision has been made here for distributing the shared secrets;
+ it is expected that a network administrator will statically configure
+ name servers and clients using some out of band mechanism such as
+ sneaker-net until a secure automated mechanism for key distribution
+ is available.
+
+1 - Introduction
+
+ 1.1. The Domain Name System (DNS) [RFC1034, RFC1035] is a replicated
+ hierarchical distributed database system that provides information
+ fundamental to Internet operations, such as name <=> address
+ translation and mail handling information. DNS has recently been
+ extended [RFC2535] to provide for data origin authentication, and
+ public key distribution, all based on public key cryptography and
+ public key based digital signatures. To be practical, this form of
+
+
+
+
+Vixie, et al. Standards Track [Page 1]
+
+RFC 2845 DNS TSIG May 2000
+
+
+ security generally requires extensive local caching of keys and
+ tracing of authentication through multiple keys and signatures to a
+ pre-trusted locally configured key.
+
+ 1.2. One difficulty with the [RFC2535] scheme is that common DNS
+ implementations include simple "stub" resolvers which do not have
+ caches. Such resolvers typically rely on a caching DNS server on
+ another host. It is impractical for these stub resolvers to perform
+ general [RFC2535] authentication and they would naturally depend on
+ their caching DNS server to perform such services for them. To do so
+ securely requires secure communication of queries and responses.
+ [RFC2535] provides public key transaction signatures to support this,
+ but such signatures are very expensive computationally to generate.
+ In general, these require the same complex public key logic that is
+ impractical for stubs. This document specifies use of a message
+ authentication code (MAC), specifically HMAC-MD5 (a keyed hash
+ function), to provide an efficient means of point-to-point
+ authentication and integrity checking for transactions.
+
+ 1.3. A second area where use of straight [RFC2535] public key based
+ mechanisms may be impractical is authenticating dynamic update
+ [RFC2136] requests. [RFC2535] provides for request signatures but
+ with [RFC2535] they, like transaction signatures, require
+ computationally expensive public key cryptography and complex
+ authentication logic. Secure Domain Name System Dynamic Update
+ ([RFC2137]) describes how different keys are used in dynamically
+ updated zones. This document's secret key based MACs can be used to
+ authenticate DNS update requests as well as transaction responses,
+ providing a lightweight alternative to the protocol described by
+ [RFC2137].
+
+ 1.4. A further use of this mechanism is to protect zone transfers.
+ In this case the data covered would be the whole zone transfer
+ including any glue records sent. The protocol described by [RFC2535]
+ does not protect glue records and unsigned records unless SIG(0)
+ (transaction signature) is used.
+
+ 1.5. The authentication mechanism proposed in this document uses
+ shared secret keys to establish a trust relationship between two
+ entities. Such keys must be protected in a fashion similar to
+ private keys, lest a third party masquerade as one of the intended
+ parties (forge MACs). There is an urgent need to provide simple and
+ efficient authentication between clients and local servers and this
+ proposal addresses that need. This proposal is unsuitable for
+ general server to server authentication for servers which speak with
+ many other servers, since key management would become unwieldy with
+
+
+
+
+
+Vixie, et al. Standards Track [Page 2]
+
+RFC 2845 DNS TSIG May 2000
+
+
+ the number of shared keys going up quadratically. But it is suitable
+ for many resolvers on hosts that only talk to a few recursive
+ servers.
+
+ 1.6. A server acting as an indirect caching resolver -- a "forwarder"
+ in common usage -- might use transaction-based authentication when
+ communicating with its small number of preconfigured "upstream"
+ servers. Other uses of DNS secret key authentication and possible
+ systems for automatic secret key distribution may be proposed in
+ separate future documents.
+
+ 1.7. New Assigned Numbers
+
+ RRTYPE = TSIG (250)
+ ERROR = 0..15 (a DNS RCODE)
+ ERROR = 16 (BADSIG)
+ ERROR = 17 (BADKEY)
+ ERROR = 18 (BADTIME)
+
+ 1.8. The key words "MUST", "REQUIRED", "SHOULD", "RECOMMENDED", and
+ "MAY" in this document are to be interpreted as described in [RFC
+ 2119].
+
+2 - TSIG RR Format
+
+ 2.1 TSIG RR Type
+
+ To provide secret key authentication, we use a new RR type whose
+ mnemonic is TSIG and whose type code is 250. TSIG is a meta-RR and
+ MUST not be cached. TSIG RRs are used for authentication between DNS
+ entities that have established a shared secret key. TSIG RRs are
+ dynamically computed to cover a particular DNS transaction and are
+ not DNS RRs in the usual sense.
+
+ 2.2 TSIG Calculation
+
+ As the TSIG RRs are related to one DNS request/response, there is no
+ value in storing or retransmitting them, thus the TSIG RR is
+ discarded once it has been used to authenticate a DNS message. The
+ only message digest algorithm specified in this document is "HMAC-
+ MD5" (see [RFC1321], [RFC2104]). The "HMAC-MD5" algorithm is
+ mandatory to implement for interoperability. Other algorithms can be
+ specified at a later date. Names and definitions of new algorithms
+ MUST be registered with IANA. All multi-octet integers in the TSIG
+ record are sent in network byte order (see [RFC1035 2.3.2]).
+
+
+
+
+
+
+Vixie, et al. Standards Track [Page 3]
+
+RFC 2845 DNS TSIG May 2000
+
+
+ 2.3. Record Format
+
+ NAME The name of the key used in domain name syntax. The name
+ should reflect the names of the hosts and uniquely identify
+ the key among a set of keys these two hosts may share at any
+ given time. If hosts A.site.example and B.example.net share a
+ key, possibilities for the key name include
+ <id>.A.site.example, <id>.B.example.net, and
+ <id>.A.site.example.B.example.net. It should be possible for
+ more than one key to be in simultaneous use among a set of
+ interacting hosts. The name only needs to be meaningful to
+ the communicating hosts but a meaningful mnemonic name as
+ above is strongly recommended.
+
+ The name may be used as a local index to the key involved and
+ it is recommended that it be globally unique. Where a key is
+ just shared between two hosts, its name actually only need
+ only be meaningful to them but it is recommended that the key
+ name be mnemonic and incorporate the resolver and server host
+ names in that order.
+
+ TYPE TSIG (250: Transaction SIGnature)
+
+ CLASS ANY
+
+ TTL 0
+
+ RdLen (variable)
+
+ RDATA
+
+ Field Name Data Type Notes
+ --------------------------------------------------------------
+ Algorithm Name domain-name Name of the algorithm
+ in domain name syntax.
+ Time Signed u_int48_t seconds since 1-Jan-70 UTC.
+ Fudge u_int16_t seconds of error permitted
+ in Time Signed.
+ MAC Size u_int16_t number of octets in MAC.
+ MAC octet stream defined by Algorithm Name.
+ Original ID u_int16_t original message ID
+ Error u_int16_t expanded RCODE covering
+ TSIG processing.
+ Other Len u_int16_t length, in octets, of
+ Other Data.
+ Other Data octet stream empty unless Error == BADTIME
+
+
+
+
+
+Vixie, et al. Standards Track [Page 4]
+
+RFC 2845 DNS TSIG May 2000
+
+
+ 2.4. Example
+
+ NAME HOST.EXAMPLE.
+
+ TYPE TSIG
+
+ CLASS ANY
+
+ TTL 0
+
+ RdLen as appropriate
+
+ RDATA
+
+ Field Name Contents
+ -------------------------------------
+ Algorithm Name SAMPLE-ALG.EXAMPLE.
+ Time Signed 853804800
+ Fudge 300
+ MAC Size as appropriate
+ MAC as appropriate
+ Original ID as appropriate
+ Error 0 (NOERROR)
+ Other Len 0
+ Other Data empty
+
+3 - Protocol Operation
+
+ 3.1. Effects of adding TSIG to outgoing message
+
+ Once the outgoing message has been constructed, the keyed message
+ digest operation can be performed. The resulting message digest will
+ then be stored in a TSIG which is appended to the additional data
+ section (the ARCOUNT is incremented to reflect this). If the TSIG
+ record cannot be added without causing the message to be truncated,
+ the server MUST alter the response so that a TSIG can be included.
+ This response consists of only the question and a TSIG record, and
+ has the TC bit set and RCODE 0 (NOERROR). The client SHOULD at this
+ point retry the request using TCP (per [RFC1035 4.2.2]).
+
+ 3.2. TSIG processing on incoming messages
+
+ If an incoming message contains a TSIG record, it MUST be the last
+ record in the additional section. Multiple TSIG records are not
+ allowed. If a TSIG record is present in any other position, the
+ packet is dropped and a response with RCODE 1 (FORMERR) MUST be
+ returned. Upon receipt of a message with a correctly placed TSIG RR,
+ the TSIG RR is copied to a safe location, removed from the DNS
+
+
+
+Vixie, et al. Standards Track [Page 5]
+
+RFC 2845 DNS TSIG May 2000
+
+
+ Message, and decremented out of the DNS message header's ARCOUNT. At
+ this point the keyed message digest operation is performed. If the
+ algorithm name or key name is unknown to the recipient, or if the
+ message digests do not match, the whole DNS message MUST be
+ discarded. If the message is a query, a response with RCODE 9
+ (NOTAUTH) MUST be sent back to the originator with TSIG ERROR 17
+ (BADKEY) or TSIG ERROR 16 (BADSIG). If no key is available to sign
+ this message it MUST be sent unsigned (MAC size == 0 and empty MAC).
+ A message to the system operations log SHOULD be generated, to warn
+ the operations staff of a possible security incident in progress.
+ Care should be taken to ensure that logging of this type of event
+ does not open the system to a denial of service attack.
+
+ 3.3. Time values used in TSIG calculations
+
+ The data digested includes the two timer values in the TSIG header in
+ order to defend against replay attacks. If this were not done, an
+ attacker could replay old messages but update the "Time Signed" and
+ "Fudge" fields to make the message look new. This data is named
+ "TSIG Timers", and for the purpose of digest calculation they are
+ invoked in their "on the wire" format, in the following order: first
+ Time Signed, then Fudge. For example:
+
+Field Name Value Wire Format Meaning
+----------------------------------------------------------------------
+Time Signed 853804800 00 00 32 e4 07 00 Tue Jan 21 00:00:00 1997
+Fudge 300 01 2C 5 minutes
+
+ 3.4. TSIG Variables and Coverage
+
+ When generating or verifying the contents of a TSIG record, the
+ following data are digested, in network byte order or wire format, as
+ appropriate:
+
+ 3.4.1. DNS Message
+
+ A whole and complete DNS message in wire format, before the TSIG RR
+ has been added to the additional data section and before the DNS
+ Message Header's ARCOUNT field has been incremented to contain the
+ TSIG RR. If the message ID differs from the original message ID, the
+ original message ID is substituted for the message ID. This could
+ happen when forwarding a dynamic update request, for example.
+
+
+
+
+
+
+
+
+
+Vixie, et al. Standards Track [Page 6]
+
+RFC 2845 DNS TSIG May 2000
+
+
+ 3.4.2. TSIG Variables
+
+Source Field Name Notes
+-----------------------------------------------------------------------
+TSIG RR NAME Key name, in canonical wire format
+TSIG RR CLASS (Always ANY in the current specification)
+TSIG RR TTL (Always 0 in the current specification)
+TSIG RDATA Algorithm Name in canonical wire format
+TSIG RDATA Time Signed in network byte order
+TSIG RDATA Fudge in network byte order
+TSIG RDATA Error in network byte order
+TSIG RDATA Other Len in network byte order
+TSIG RDATA Other Data exactly as transmitted
+
+ The RR RDLEN and RDATA MAC Length are not included in the hash since
+ they are not guaranteed to be knowable before the MAC is generated.
+
+ The Original ID field is not included in this section, as it has
+ already been substituted for the message ID in the DNS header and
+ hashed.
+
+ For each label type, there must be a defined "Canonical wire format"
+ that specifies how to express a label in an unambiguous way. For
+ label type 00, this is defined in [RFC2535], for label type 01, this
+ is defined in [RFC2673]. The use of label types other than 00 and 01
+ is not defined for this specification.
+
+ 3.4.3. Request MAC
+
+ When generating the MAC to be included in a response, the request MAC
+ must be included in the digest. The request's MAC is digested in
+ wire format, including the following fields:
+
+ Field Type Description
+ ---------------------------------------------------
+ MAC Length u_int16_t in network byte order
+ MAC Data octet stream exactly as transmitted
+
+ 3.5. Padding
+
+ Digested components are fed into the hashing function as a continuous
+ octet stream with no interfield padding.
+
+
+
+
+
+
+
+
+
+Vixie, et al. Standards Track [Page 7]
+
+RFC 2845 DNS TSIG May 2000
+
+
+4 - Protocol Details
+
+ 4.1. TSIG generation on requests
+
+ Client performs the message digest operation and appends a TSIG
+ record to the additional data section and transmits the request to
+ the server. The client MUST store the message digest from the
+ request while awaiting an answer. The digest components for a
+ request are:
+
+ DNS Message (request)
+ TSIG Variables (request)
+
+ Note that some older name servers will not accept requests with a
+ nonempty additional data section. Clients SHOULD only attempt signed
+ transactions with servers who are known to support TSIG and share
+ some secret key with the client -- so, this is not a problem in
+ practice.
+
+ 4.2. TSIG on Answers
+
+ When a server has generated a response to a signed request, it signs
+ the response using the same algorithm and key. The server MUST not
+ generate a signed response to an unsigned request. The digest
+ components are:
+
+ Request MAC
+ DNS Message (response)
+ TSIG Variables (response)
+
+ 4.3. TSIG on TSIG Error returns
+
+ When a server detects an error relating to the key or MAC, the server
+ SHOULD send back an unsigned error message (MAC size == 0 and empty
+ MAC). If an error is detected relating to the TSIG validity period,
+ the server SHOULD send back a signed error message. The digest
+ components are:
+
+ Request MAC (if the request MAC validated)
+ DNS Message (response)
+ TSIG Variables (response)
+
+ The reason that the request is not included in this digest in some
+ cases is to make it possible for the client to verify the error. If
+ the error is not a TSIG error the response MUST be generated as
+ specified in [4.2].
+
+
+
+
+
+Vixie, et al. Standards Track [Page 8]
+
+RFC 2845 DNS TSIG May 2000
+
+
+ 4.4. TSIG on TCP connection
+
+ A DNS TCP session can include multiple DNS envelopes. This is, for
+ example, commonly used by zone transfer. Using TSIG on such a
+ connection can protect the connection from hijacking and provide data
+ integrity. The TSIG MUST be included on the first and last DNS
+ envelopes. It can be optionally placed on any intermediary
+ envelopes. It is expensive to include it on every envelopes, but it
+ MUST be placed on at least every 100'th envelope. The first envelope
+ is processed as a standard answer, and subsequent messages have the
+ following digest components:
+
+ Prior Digest (running)
+ DNS Messages (any unsigned messages since the last TSIG)
+ TSIG Timers (current message)
+
+ This allows the client to rapidly detect when the session has been
+ altered; at which point it can close the connection and retry. If a
+ client TSIG verification fails, the client MUST close the connection.
+ If the client does not receive TSIG records frequently enough (as
+ specified above) it SHOULD assume the connection has been hijacked
+ and it SHOULD close the connection. The client SHOULD treat this the
+ same way as they would any other interrupted transfer (although the
+ exact behavior is not specified).
+
+ 4.5. Server TSIG checks
+
+ Upon receipt of a message, server will check if there is a TSIG RR.
+ If one exists, the server is REQUIRED to return a TSIG RR in the
+ response. The server MUST perform the following checks in the
+ following order, check KEY, check TIME values, check MAC.
+
+ 4.5.1. KEY check and error handling
+
+ If a non-forwarding server does not recognize the key used by the
+ client, the server MUST generate an error response with RCODE 9
+ (NOTAUTH) and TSIG ERROR 17 (BADKEY). This response MUST be unsigned
+ as specified in [4.3]. The server SHOULD log the error.
+
+ 4.5.2. TIME check and error handling
+
+ If the server time is outside the time interval specified by the
+ request (which is: Time Signed, plus/minus Fudge), the server MUST
+ generate an error response with RCODE 9 (NOTAUTH) and TSIG ERROR 18
+ (BADTIME). The server SHOULD also cache the most recent time signed
+ value in a message generated by a key, and SHOULD return BADTIME if a
+ message received later has an earlier time signed value. A response
+ indicating a BADTIME error MUST be signed by the same key as the
+
+
+
+Vixie, et al. Standards Track [Page 9]
+
+RFC 2845 DNS TSIG May 2000
+
+
+ request. It MUST include the client's current time in the time
+ signed field, the server's current time (a u_int48_t) in the other
+ data field, and 6 in the other data length field. This is done so
+ that the client can verify a message with a BADTIME error without the
+ verification failing due to another BADTIME error. The data signed
+ is specified in [4.3]. The server SHOULD log the error.
+
+ 4.5.3. MAC check and error handling
+
+ If a TSIG fails to verify, the server MUST generate an error response
+ as specified in [4.3] with RCODE 9 (NOTAUTH) and TSIG ERROR 16
+ (BADSIG). This response MUST be unsigned as specified in [4.3]. The
+ server SHOULD log the error.
+
+ 4.6. Client processing of answer
+
+ When a client receives a response from a server and expects to see a
+ TSIG, it first checks if the TSIG RR is present in the response.
+ Otherwise, the response is treated as having a format error and
+ discarded. The client then extracts the TSIG, adjusts the ARCOUNT,
+ and calculates the keyed digest in the same way as the server. If
+ the TSIG does not validate, that response MUST be discarded, unless
+ the RCODE is 9 (NOTAUTH), in which case the client SHOULD attempt to
+ verify the response as if it were a TSIG Error response, as specified
+ in [4.3]. A message containing an unsigned TSIG record or a TSIG
+ record which fails verification SHOULD not be considered an
+ acceptable response; the client SHOULD log an error and continue to
+ wait for a signed response until the request times out.
+
+ 4.6.1. Key error handling
+
+ If an RCODE on a response is 9 (NOTAUTH), and the response TSIG
+ validates, and the TSIG key is different from the key used on the
+ request, then this is a KEY error. The client MAY retry the request
+ using the key specified by the server. This should never occur, as a
+ server MUST NOT sign a response with a different key than signed the
+ request.
+
+ 4.6.2. Time error handling
+
+ If the response RCODE is 9 (NOTAUTH) and the TSIG ERROR is 18
+ (BADTIME), or the current time does not fall in the range specified
+ in the TSIG record, then this is a TIME error. This is an indication
+ that the client and server clocks are not synchronized. In this case
+ the client SHOULD log the event. DNS resolvers MUST NOT adjust any
+ clocks in the client based on BADTIME errors, but the server's time
+ in the other data field SHOULD be logged.
+
+
+
+
+Vixie, et al. Standards Track [Page 10]
+
+RFC 2845 DNS TSIG May 2000
+
+
+ 4.6.3. MAC error handling
+
+ If the response RCODE is 9 (NOTAUTH) and TSIG ERROR is 16 (BADSIG),
+ this is a MAC error, and client MAY retry the request with a new
+ request ID but it would be better to try a different shared key if
+ one is available. Client SHOULD keep track of how many MAC errors
+ are associated with each key. Clients SHOULD log this event.
+
+ 4.7. Special considerations for forwarding servers
+
+ A server acting as a forwarding server of a DNS message SHOULD check
+ for the existence of a TSIG record. If the name on the TSIG is not
+ of a secret that the server shares with the originator the server
+ MUST forward the message unchanged including the TSIG. If the name
+ of the TSIG is of a key this server shares with the originator, it
+ MUST process the TSIG. If the TSIG passes all checks, the forwarding
+ server MUST, if possible, include a TSIG of his own, to the
+ destination or the next forwarder. If no transaction security is
+ available to the destination and the response has the AD flag (see
+ [RFC2535]), the forwarder MUST unset the AD flag before adding the
+ TSIG to the answer.
+
+5 - Shared Secrets
+
+ 5.1. Secret keys are very sensitive information and all available
+ steps should be taken to protect them on every host on which they are
+ stored. Generally such hosts need to be physically protected. If
+ they are multi-user machines, great care should be taken that
+ unprivileged users have no access to keying material. Resolvers
+ often run unprivileged, which means all users of a host would be able
+ to see whatever configuration data is used by the resolver.
+
+ 5.2. A name server usually runs privileged, which means its
+ configuration data need not be visible to all users of the host. For
+ this reason, a host that implements transaction-based authentication
+ should probably be configured with a "stub resolver" and a local
+ caching and forwarding name server. This presents a special problem
+ for [RFC2136] which otherwise depends on clients to communicate only
+ with a zone's authoritative name servers.
+
+ 5.3. Use of strong random shared secrets is essential to the security
+ of TSIG. See [RFC1750] for a discussion of this issue. The secret
+ should be at least as long as the keyed message digest, i.e. 16 bytes
+ for HMAC-MD5 or 20 bytes for HMAC-SHA1.
+
+
+
+
+
+
+
+Vixie, et al. Standards Track [Page 11]
+
+RFC 2845 DNS TSIG May 2000
+
+
+6 - Security Considerations
+
+ 6.1. The approach specified here is computationally much less
+ expensive than the signatures specified in [RFC2535]. As long as the
+ shared secret key is not compromised, strong authentication is
+ provided for the last hop from a local name server to the user
+ resolver.
+
+ 6.2. Secret keys should be changed periodically. If the client host
+ has been compromised, the server should suspend the use of all
+ secrets known to that client. If possible, secrets should be stored
+ in encrypted form. Secrets should never be transmitted in the clear
+ over any network. This document does not address the issue on how to
+ distribute secrets. Secrets should never be shared by more than two
+ entities.
+
+ 6.3. This mechanism does not authenticate source data, only its
+ transmission between two parties who share some secret. The original
+ source data can come from a compromised zone master or can be
+ corrupted during transit from an authentic zone master to some
+ "caching forwarder." However, if the server is faithfully performing
+ the full [RFC2535] security checks, then only security checked data
+ will be available to the client.
+
+ 6.4. A fudge value that is too large may leave the server open to
+ replay attacks. A fudge value that is too small may cause failures
+ if machines are not time synchronized or there are unexpected network
+ delays. The recommended value in most situation is 300 seconds.
+
+7 - IANA Considerations
+
+ IANA is expected to create and maintain a registry of algorithm names
+ to be used as "Algorithm Names" as defined in Section 2.3. The
+ initial value should be "HMAC-MD5.SIG-ALG.REG.INT". Algorithm names
+ are text strings encoded using the syntax of a domain name. There is
+ no structure required other than names for different algorithms must
+ be unique when compared as DNS names, i.e., comparison is case
+ insensitive. Note that the initial value mentioned above is not a
+ domain name, and therefore need not be a registered name within the
+ DNS. New algorithms are assigned using the IETF Consensus policy
+ defined in RFC 2434. The algorithm name HMAC-MD5.SIG-ALG.REG.INT
+ looks like a FQDN for historical reasons; future algorithm names are
+ expected to be simple (i.e., single-component) names.
+
+
+
+
+
+
+
+
+Vixie, et al. Standards Track [Page 12]
+
+RFC 2845 DNS TSIG May 2000
+
+
+ IANA is expected to create and maintain a registry of "TSIG Error
+ values" to be used for "Error" values as defined in section 2.3.
+ Initial values should be those defined in section 1.7. New TSIG
+ error codes for the TSIG error field are assigned using the IETF
+ Consensus policy defined in RFC 2434.
+
+8 - References
+
+ [RFC1034] Mockapetris, P., "Domain Names - Concepts and Facilities",
+ STD 13, RFC 1034, November 1987.
+
+ [RFC1035] Mockapetris, P., "Domain Names - Implementation and
+ Specification", STD 13, RFC 1034, November 1987.
+
+ [RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
+ April 1992.
+
+ [RFC1750] Eastlake, D., Crocker, S. and J. Schiller, "Randomness
+ Recommendations for Security", RFC 1750, December 1995.
+
+ [RFC2104] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC-MD5:
+ Keyed-MD5 for Message Authentication", RFC 2104, February
+ 1997.
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119, March 1997.
+
+ [RFC2136] Vixie, P., Thomson, S., Rekhter, Y. and J. Bound "Dynamic
+ Updates in the Domain Name System", RFC 2136, April 1997.
+
+ [RFC2137] Eastlake 3rd, D., "Secure Domain Name System Dynamic
+ Update", RFC 2137, April 1997.
+
+ [RFC2535] Eastlake, D., "Domain Name System Security Extensions",
+ RFC 2535, March 1999.
+
+ [RFC2673] Crawford, M., "Binary Labels in the Domain Name System",
+ RFC 2673, August 1999.
+
+
+
+
+
+
+
+
+
+
+
+
+
+Vixie, et al. Standards Track [Page 13]
+
+RFC 2845 DNS TSIG May 2000
+
+
+9 - Authors' Addresses
+
+ Paul Vixie
+ Internet Software Consortium
+ 950 Charter Street
+ Redwood City, CA 94063
+
+ Phone: +1 650 779 7001
+ EMail: vixie@isc.org
+
+
+ Olafur Gudmundsson
+ NAI Labs
+ 3060 Washington Road, Route 97
+ Glenwood, MD 21738
+
+ Phone: +1 443 259 2389
+ EMail: ogud@tislabs.com
+
+
+ Donald E. Eastlake 3rd
+ Motorola
+ 140 Forest Avenue
+ Hudson, MA 01749 USA
+
+ Phone: +1 508 261 5434
+ EMail: dee3@torque.pothole.com
+
+
+ Brian Wellington
+ Nominum, Inc.
+ 950 Charter Street
+ Redwood City, CA 94063
+
+ Phone: +1 650 779 6022
+ EMail: Brian.Wellington@nominum.com
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Vixie, et al. Standards Track [Page 14]
+
+RFC 2845 DNS TSIG May 2000
+
+
+10 Full Copyright Statement
+
+ Copyright (C) The Internet Society (2000). All Rights Reserved.
+
+ This document and translations of it may be copied and furnished to
+ others, and derivative works that comment on or otherwise explain it
+ or assist in its implementation may be prepared, copied, published
+ and distributed, in whole or in part, without restriction of any
+ kind, provided that the above copyright notice and this paragraph are
+ included on all such copies and derivative works. However, this
+ document itself may not be modified in any way, such as by removing
+ the copyright notice or references to the Internet Society or other
+ Internet organizations, except as needed for the purpose of
+ developing Internet standards in which case the procedures for
+ copyrights defined in the Internet Standards process must be
+ followed, or as required to translate it into languages other than
+ English.
+
+ The limited permissions granted above are perpetual and will not be
+ revoked by the Internet Society or its successors or assigns.
+
+ This document and the information contained herein is provided on an
+ "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
+ TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
+ BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
+ HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
+ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Acknowledgement
+
+ Funding for the RFC Editor function is currently provided by the
+ Internet Society.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Vixie, et al. Standards Track [Page 15]
+
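Review bot: Since this hunk vendors the published RFC 2845 text verbatim under doc/rfc/, the copy should stay byte-for-byte faithful to the RFC Editor's file, and two things in the added lines are worth checking before merge. First, the column layout of the original 72-column text appears collapsed in several places (the header block "Network Working Group P. Vixie" / "Request for Comments: 2845 ISC", and the field tables in sections 2.3, 3.3 and 3.4.2 where the right-hand columns now sit one space after the left ones); if that collapse is in the committed file rather than only in this rendering, a diff against the canonical rfc2845.txt will be noisy and the tables lose their alignment, so please re-fetch the file with whitespace intact. Second, the reference entry "[RFC1035] Mockapetris, P., "Domain Names - Implementation and Specification", STD 13, RFC 1034, November 1987." carries the published RFC's own typo (it should read RFC 1035); that is an upstream erratum and should be left as-is in a verbatim copy rather than hand-corrected here, since the value of a vendored RFC is that it matches the reference text exactly. It would also help readers of this repository to say in the commit message why the 2000 text is being vendored, given that section 2.2 of this document specifies only HMAC-MD5 as the mandatory algorithm, so that whoever implements against doc/rfc/ knows which algorithm set and which TSIG error codes (section 1.7: 16 BADSIG, 17 BADKEY, 18 BADTIME) the code base is meant to track.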