|
|
# RFCs and Internet Drafts relating to resolvers
|
|
|
|
|
|
## Plain DNS
|
|
|
|
|
|
### Standards track
|
|
|
* DOMAIN NAMES - CONCEPTS AND FACILITIES ([RFC 1034](https://tools.ietf.org/html/rfc1034))
|
|
|
* DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION ([RFC 1035](https://tools.ietf.org/html/rfc1035))
|
|
|
* Clarifications to the DNS Specification ([RFC 2181](https://tools.ietf.org/html/rfc2181))
|
|
|
* Negative Caching of DNS Queries (DNS NCACHE) ([RFC 2308](https://tools.ietf.org/html/rfc2308))
|
|
|
* Obsoleting IQUERY ([RFC 3425](https://tools.ietf.org/html/rfc3425))
|
|
|
* DNS Extensions to Support IP Version 6 ([RFC 3596](https://tools.ietf.org/html/rfc3596))
|
|
|
* Handling of Unknown DNS Resource Record (RR) Types ([RFC 3597](https://tools.ietf.org/html/rfc3597))
|
|
|
* Domain Name System (DNS) Case Insensitivity Clarification ([RFC 4343](https://tools.ietf.org/html/rfc4343))
|
|
|
* The Role of Wildcards in the Domain Name System ([RFC 4592](https://tools.ietf.org/html/rfc4592))
|
|
|
* DNS Name Server Identifier (NSID) Option ([RFC 5001](https://tools.ietf.org/html/rfc5001))
|
|
|
* Measures for Making DNS More Resilient against Forged Answers ([RFC 5452](https://tools.ietf.org/html/rfc5452))
|
|
|
* DNS64: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers ([RFC 6147](https://tools.ietf.org/html/rfc6147))
|
|
|
* xNAME RCODE and Status Bits Clarification ([RFC 6604](https://tools.ietf.org/html/rfc6604))
|
|
|
* DNAME Redirection in the DNS ([RFC 6672](https://tools.ietf.org/html/rfc6672))
|
|
|
* Special-Use Domain Names ([RFC 6761](https://tools.ietf.org/html/rfc6761))
|
|
|
* Extension Mechanisms for DNS (EDNS(0)) ([RFC 6891] (https://tools.ietf.org/html/rfc6891))
|
|
|
* Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm Implementation Status ([RFC 6944](https://tools.ietf.org/html/rfc6944))
|
|
|
* Discovery of the IPv6 Prefix Used for IPv6 Address Synthesis ([RFC 7050](https://tools.ietf.org/html/rfc7050))
|
|
|
* The ".onion" Special-Use Domain Name ([RFC 7686](https://tools.ietf.org/html/rfc7686))
|
|
|
* DNS Transport over TCP - Implementation Requirements ([RFC 7766](https://tools.ietf.org/html/rfc7766))
|
|
|
* The EDNS(0) Padding Option ([RFC 7830](https://tools.ietf.org/html/rfc7830))
|
|
|
* Specification for DNS over Transport Layer Security (TLS) ([RFC 7858](https://tools.ietf.org/html/rfc7858))
|
|
|
* NXDOMAIN: There Really Is Nothing Underneath ([RFC 8020](https://tools.ietf.org/html/rfc8020))
|
|
|
|
|
|
### Best current practice
|
|
|
* Observed DNS Resolution Misbehavior ([RFC 4697](https://tools.ietf.org/html/rfc4697))
|
|
|
* Locally Served DNS Zones ([RFC 6303](https://tools.ietf.org/html/rfc6303))
|
|
|
* Initializing a DNS Resolver with Priming Queries ([RFC 8109](https://tools.ietf.org/html/rfc8109))
|
|
|
|
|
|
### Informational
|
|
|
* Common DNS Implementation Errors and Suggested Fixes ([RFC 1536](https://tools.ietf.org/html/rfc1536))
|
|
|
* Common DNS Operational and Configuration Errors ([RFC 1912](https://tools.ietf.org/html/rfc1912))
|
|
|
* Threat Analysis of the Domain Name System ([RFC 3833](https://tools.ietf.org/html/rfc3833))
|
|
|
* Common Misbehavior Against DNS Queries for IPv6 Addresses ([RFC 4074](https://tools.ietf.org/html/rfc4074))
|
|
|
* Definition and Use of DNSSEC Negative Trust Anchors ([RFC 7646](https://tools.ietf.org/html/rfc7646))
|
|
|
* Decreasing Access Time to Root Servers by Running One on Loopback ([RFC 7706](https://tools.ietf.org/html/rfc7706))
|
|
|
* DNS Terminology ([RFC 7719](https://tools.ietf.org/html/rfc7719))
|
|
|
* Client Subnet in DNS Queries ([RFC 7871](https://tools.ietf.org/html/rfc7871))
|
|
|
|
|
|
### Experimental
|
|
|
* Extension Mechanisms for DNS (EDNS) EXPIRE Option ([RFC 7314](https://tools.ietf.org/html/rfc7314))
|
|
|
* DNS Query Name Minimisation to Improve Privacy ([RFC 7816](https://tools.ietf.org/html/rfc7816))
|
|
|
* CHAIN Query Requests in DNS ([RFC 7901](https://tools.ietf.org/html/rfc7901))
|
|
|
* DNS over Datagram Transport Layer Security (DTLS) ([RFC 8094](https://tools.ietf.org/html/rfc8094))
|
|
|
|
|
|
### Internet Drafts
|
|
|
* Providing Minimal-Sized Responses to DNS Queries that have QTYPE=ANY ([draft ietf-dnsop-refuse-any](http://tools.ietf.org/html/draft-ietf-dnsop-refuse-any))
|
|
|
* DNS Response Policy Zones (RPZ) ([draft ietf-dnsop-dns-rpz](http://tools.ietf.org/html/draft-ietf-dnsop-dns-rpz))
|
|
|
* The ALT Special Use Top Level Domain ([draft ietf-dnsop-alt-tld](https://tools.ietf.org/html/draft-ietf-dnsop-alt-tld))
|
|
|
* A Common Operational Problem in DNS Servers - Failure To Respond ([draft ietf-dnsop-no-response-issue](http://tools.ietf.org/html/draft-ietf-dnsop-no-response-issue))
|
|
|
* DNS wire-format over HTTP ([draft ietf-dnsop-dns-wireformat-http](http://tools.ietf.org/html/draft-ietf-dnsop-dns-wireformat-http))
|
|
|
* C-DNS: A DNS Packet Capture Format ([draft ietf-dnsop-dns-capture-format](http://tools.ietf.org/html/draft-ietf-dnsop-dns-capture-format))
|
|
|
* DNS Session Signaling ([draft ietf-dnsop-session-signal](http://tools.ietf.org/html/draft-ietf-dnsop-session-signal))
|
|
|
|
|
|
## DNSSEC
|
|
|
### Standards track
|
|
|
* DNS Security Introduction and Requirements ([RFC 4033](https://tools.ietf.org/html/rfc4033))
|
|
|
* Resource Records for the DNS Security Extensions ([RFC 4034](https://tools.ietf.org/html/rfc4034))
|
|
|
* Protocol Modifications for the DNS Security Extensions ([RFC 4035](https://tools.ietf.org/html/rfc4035))
|
|
|
* Minimally Covering NSEC Records and DNSSEC On-line Signing ([RFC 4470](https://tools.ietf.org/html/rfc4470))
|
|
|
* Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (RRs) ([RFC 4509](https://tools.ietf.org/html/rfc4509))
|
|
|
* Automated Updates of DNS Security (DNSSEC) Trust Anchors ([RFC 5011](https://tools.ietf.org/html/rfc5011))
|
|
|
* DNS Security (DNSSEC) Hashed Authenticated Denial of Existence ([RFC 5155](https://tools.ietf.org/html/rfc5155))
|
|
|
* Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC ([RFC 5702](https://tools.ietf.org/html/rfc5702))
|
|
|
* Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC ([RFC 5933](https://tools.ietf.org/html/rfc5933))
|
|
|
* Cryptographic Algorithm Identifier Allocation for DNSSEC ([RFC 6014](https://tools.ietf.org/html/rfc6014))
|
|
|
* Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC ([RFC 6605](https://tools.ietf.org/html/rfc6605))
|
|
|
* DNS Security (DNSSEC) DNSKEY Algorithm IANA Registry Updates ([RFC 6725](https://tools.ietf.org/html/rfc6725))
|
|
|
* Clarifications and Implementation Notes for DNS Security (DNSSEC) ([RFC 6840](https://tools.ietf.org/html/rfc6840))
|
|
|
* Signaling Cryptographic Algorithm Understanding in DNS Security Extensions (DNSSEC) ([RFC 6975](https://tools.ietf.org/html/rfc6975))
|
|
|
|
|
|
### Informational
|
|
|
* Authenticated Denial of Existence in the DNS ([RFC 7129](https://tools.ietf.org/html/rfc7129))
|
|
|
|
|
|
### Internet Drafts
|
|
|
* Aggressive use of DNSSEC-validated Cache ([draft ietf-dnsop-nsec-aggressiveuse](http://tools.ietf.org/html/draft-ietf-dnsop-nsec-aggressiveuse))
|
|
|
* Algorithm Implementation Requirements and Usage Guidance for DNSSEC ([draft wouters-sury-dnsop-algorithm-update](http://tools.ietf.org/html/draft-wouters-sury-dnsop-algorithm-update))
|
|
|
* Security Considerations for RFC5011 Publishers ([draft hardaker-rfc5011-security-considerations](https://tools.ietf.org/html/draft-hardaker-rfc5011-security-considerations))
|
|
|
* Signaling Trust Anchor Knowledge in DNS Security Extensions (DNSSEC) ([draft ietf-dnsop-edns-key-tag](http://tools.ietf.org/html/draft-ietf-dnsop-edns-key-tag))
|
|
|
|
|
|
# dnsop working group
|
|
|
https://datatracker.ietf.org/wg/dnsop/ |