{"draft":"draft-ietf-dnsext-dnssec-algo-signal-10","doc_id":"RFC6975","title":"Signaling Cryptographic Algorithm Understanding in DNS Security Extensions (DNSSEC)","authors":["S. Crocker","S. Rose"],"format":["ASCII","HTML"],"page_count":"9","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"DNS Extensions","abstract":"The DNS Security Extensions (DNSSEC) were developed to provide origin\r\nauthentication and integrity protection for DNS data by using digital\r\nsignatures.  These digital signatures can be generated using\r\ndifferent algorithms.  This document specifies a way for validating\r\nend-system resolvers to signal to a server which digital signature\r\nand hash algorithms they support.  The extensions allow the signaling\r\nof new algorithm uptake in client code to allow zone administrators\r\nto know when it is possible to complete an algorithm rollover in a\r\nDNSSEC-signed zone.","pub_date":"July 2013","keywords":["DNS","DNSSEC","EDNS"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC6975","errata_url":null}