RFC 2845
E831088
RFC 2845 is the Internet standard that specifies the Transaction SIGnature (TSIG) mechanism for securing DNS transactions using shared secret keys and message authentication codes.
All labels observed (1)
| Label | Occurrences |
|---|---|
| RFC 2845 canonical | 1 |
Statements (50)
| Predicate | Object |
|---|---|
| instanceOf |
Internet standard
ⓘ
Request for Comments ⓘ |
| appliesTo |
DNS transactions
ⓘ
Domain Name System NERFINISHED ⓘ |
| area | Internet NERFINISHED ⓘ |
| authenticationProperty |
provides data origin authentication for DNS messages
ⓘ
provides integrity protection for DNS messages ⓘ |
| category |
DNS security
ⓘ
Security ⓘ |
| context |
DNS dynamic update
ⓘ
DNS request messages ⓘ DNS response messages ⓘ DNS zone transfer ⓘ |
| defines |
TSIG
NERFINISHED
ⓘ
Transaction SIGnature mechanism ⓘ |
| definesField |
TSIG MAC field
ⓘ
TSIG error field ⓘ TSIG fudge field ⓘ TSIG other data field ⓘ TSIG time signed field ⓘ |
| doesNotProvide | confidentiality of DNS messages ⓘ |
| intendedUse | authentication of DNS messages between parties sharing a secret key ⓘ |
| language | English ⓘ |
| mechanismType | symmetric key authentication ⓘ |
| publishedBy |
Internet Engineering Task Force
ⓘ
surface form:
IETF
Internet Engineering Task Force ⓘ |
| relatedTo |
DNS dynamic update
ⓘ
DNS zone transfer ⓘ DNSSEC NERFINISHED ⓘ RFC 1034 NERFINISHED ⓘ RFC 1035 NERFINISHED ⓘ |
| relatesTo |
DNS dynamic update security
ⓘ
DNS message authentication ⓘ DNS protocol ⓘ DNS zone transfer security ⓘ |
| securityGoal |
protect DNS transactions against spoofing
ⓘ
protect DNS transactions against tampering ⓘ |
| specifies |
mechanism for securing DNS transactions
ⓘ
use of message authentication codes for DNS ⓘ use of shared secret keys for DNS authentication ⓘ |
| standardizes |
TSIG error handling
ⓘ
TSIG processing rules ⓘ TSIG resource record format ⓘ TSIG time and replay protection ⓘ |
| status | Proposed Standard ⓘ |
| title | Secret Key Transaction Authentication for DNS (TSIG) ⓘ |
| uses |
HMAC
NERFINISHED
ⓘ
message authentication codes ⓘ shared secret keys ⓘ |
| usesRecordType | TSIG DNS resource record ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.