Hi, I have posted a revision of the new TKEY draft which includes an Elliptic Curve DH mode and expect to present on it in Dublin. See oldish thread with subject "TKEY and MD5".
Thanks, Donald =============================== Donald E. Eastlake 3rd +1-508-333-2270 (cell) 2386 Panoramic Circle, Apopka, FL 32703 USA d3e...@gmail.com ---------- Forwarded message --------- From: <internet-dra...@ietf.org> Date: Mon, Oct 21, 2024 at 4:38 PM Subject: New Version Notification for draft-eastlake-dnsop-rfc2930bis-tkey-01.txt To: Donald E. Eastlake 3rd <d3e...@gmail.com>, Mark Andrews <ma...@isc.org> A new version of Internet-Draft draft-eastlake-dnsop-rfc2930bis-tkey-01.txt has been successfully submitted by Donald E. Eastlake 3rd and posted to the IETF repository. Name: draft-eastlake-dnsop-rfc2930bis-tkey Revision: 01 Title: Secret Key Agreement for DNS: The TKEY Resource Record Date: 2024-10-21 Group: Individual Submission Pages: 30 URL: https://www.ietf.org/archive/id/draft-eastlake-dnsop-rfc2930bis-tkey-01.txt Status: https://datatracker.ietf.org/doc/draft-eastlake-dnsop-rfc2930bis-tkey/ HTML: https://www.ietf.org/archive/id/draft-eastlake-dnsop-rfc2930bis-tkey-01.html HTMLized: https://datatracker.ietf.org/doc/html/draft-eastlake-dnsop-rfc2930bis-tkey Diff: https://author-tools.ietf.org/iddiff?url2=draft-eastlake-dnsop-rfc2930bis-tkey-01 Abstract: RFC 8945 provides efficient authentication of Domain Name System (DNS) protocol messages using shared secret keys and the Transaction Signature (TSIG) resource record (RR). However, it provides no mechanism for setting up such keys other than configuration. This document describes the Transaction Key (TKEY) RR that can be used in a variety of modes to establish shared secret keys between a DNS resolver and server. This document obsoletes RFC 2930. The IETF Secretariat _______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org