IETF RFC 5910

Domain Name System (DNS) Security Extensions Mapping for the Extensible Provisioning Protocol (EPP)

active, Most Current
Organization: IETF
Publication Date: 1 May 2010
Status: active
Page Count: 36
scope:

Introduction

This document describes an extension mapping for version 1.0 of the Extensible Provisioning Protocol (EPP) described in RFC 5730 [RFC5730]. This mapping, an extension of the domain name mapping described in RFC 5731 [RFC5731], is specified using the Extensible Markup Language (XML) 1.0 [W3C.REC-xml-20001006] and XML Schema notation ([W3C.REC-xmlschema-1-20010502] [W3C.REC-xmlschema-2-20010502]).

The EPP core protocol specification [RFC5730] provides a complete description of EPP command and response structures. A thorough understanding of the base protocol specification is necessary to understand the mapping described in this document. Familiarity with the Domain Name System (DNS) described in RFC 1034 [RFC1034] and RFC 1035 [RFC1035] and with DNS security extensions described in RFC 4033 [RFC4033], RFC 4034 [RFC4034], and RFC 4035 [RFC4035] is required to understand the DNS security concepts described in this document.

The EPP mapping described in this document specifies a mechanism for the provisioning and management of DNS security extensions in a shared central repository. Information exchanged via this mapping can be extracted from the repository and used to publish DNSSEC Delegation Signer (DS) resource records (RRs) as described in RFC 4034 [RFC4034].

This document obsoletes RFC 4310 [RFC4310]; thus, secDNS-1.1 as defined in this document deprecates secDNS-1.0 [RFC4310]. The motivation behind obsoleting RFC 4310 [RFC4310] includes:

- Addressing the issue with removing DS data based on the non-unique element. The client should explicitly specify the DS data to be removed, by using all four elements that are guaranteed to be unique.

- Adding the ability to add and remove elements in a single command. This makes it consistent with RFC 5731 [RFC5731].

- Clarifying and correcting the usage of the element. RFC 4310 [RFC4310] defined the element as a replacement for the DS data. This is inconsistent with RFC 5731 [RFC5731], where a element is used to change the values of the domain attributes.

- Adding support for the Key Data Interface described in Section 4.2 for "thick" DNSSEC servers that accept only key data and generate the associated DS data.
