Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC
E738665
"Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC" (RFC 5702) is an IETF standards-track document that specifies how to employ SHA-2 hash algorithms with RSA signatures in DNSSEC to enhance the security of DNS authentication.
Observed surface forms (1)
| Surface form | Occurrences |
|---|---|
| RFC 5702 | 0 |
Statements (42)
| Predicate | Object |
|---|---|
| instanceOf |
IETF standards-track document
ⓘ
Request for Comments ⓘ |
| addresses | use of stronger hash functions than SHA-1 in DNSSEC ⓘ |
| aimsTo | improve robustness of DNSSEC signatures ⓘ |
| appliesTo |
DNSKEY resource records
ⓘ
RRSIG resource records ⓘ |
| area | Security ⓘ |
| category | Standards Track ⓘ |
| contributesTo | overall security of the DNS infrastructure ⓘ |
| defines | new DNSSEC algorithm identifiers for RSA with SHA-2 ⓘ |
| definesAlgorithmForDNSSEC |
RSA/SHA-256
ⓘ
RSA/SHA-512 NERFINISHED ⓘ |
| definesFieldUsage |
DNSKEY algorithm field for RSA/SHA-2
ⓘ
RRSIG algorithm field for RSA/SHA-2 ⓘ |
| definesUseOf | SHA-2 hash algorithms with RSA in DNSSEC ⓘ |
| hashAlgorithmFamily | SHA-2 NERFINISHED ⓘ |
| intendedFor |
DNS operators
ⓘ
protocol implementers ⓘ security practitioners ⓘ |
| motivatedBy | cryptographic weaknesses of SHA-1 ⓘ |
| obsoletesAlgorithmUsage | exclusive reliance on RSA/SHA-1 in DNSSEC ⓘ |
| partOf | DNSSEC standards corpus NERFINISHED ⓘ |
| protocol | DNSSEC ⓘ |
| publishedBy | Internet Engineering Task Force ⓘ |
| publishedInSeries | RFC series NERFINISHED ⓘ |
| purpose | to enhance the security of DNS authentication ⓘ |
| relatedTo | DNSSEC algorithm agility ⓘ |
| relevantTo |
DNS authoritative name servers
ⓘ
DNS resolvers ⓘ DNSSEC validators ⓘ |
| shortTitle | Use of SHA-2 Algorithms with RSA in DNSSEC NERFINISHED ⓘ |
| signatureAlgorithmFamily | RSA NERFINISHED ⓘ |
| specifies |
operational considerations for deploying RSA/SHA-2 in DNSSEC
ⓘ
wire format considerations for RSA/SHA-2 in DNSSEC ⓘ |
| specifiesUseInRecordType |
DNSKEY
NERFINISHED
ⓘ
RRSIG NERFINISHED ⓘ |
| standardizes |
use of SHA-256 with RSA in DNSSEC
ⓘ
use of SHA-512 with RSA in DNSSEC ⓘ |
| status | Proposed Standard ⓘ |
| stream |
Internet Engineering Task Force
ⓘ
surface form:
IETF
|
| title | Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC NERFINISHED ⓘ |
| updatesSpecificationFor | Domain Name System Security Extensions NERFINISHED ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.