Name: draft-ietf-dnsext-tkey-renewal-mode-05
Title: TKEY Secret Key Renewal Mode
State: Active
Authors: Y Kamite, Masaya Nakayama
Group: DNS Extensions (dnsext)
Date: 2004-10-15
This document defines a new mode in TKEY and proposes an atomic method for
changing secret keys used for TSIG periodically. Originally, TKEY provides
methods of setting up shared secrets other than manual exchange, but it
cannot control timing of key renewal very well though it can add or delete
shared keys separately. This proposal is a systematical key renewal
procedure intended for preventing signing DNS messages with old and
non-safe keys permanently.
[sh-index] Back to list of manuals
|
| |
