1 Introduction

Secret Key Transaction Authentication for DNS (TSIG), as specified in [RFC2845], provides extensible transaction level authentication for DNS. The Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG), as specified in [RFC3645], identifies one possible extension to TSIG based on the Generic Security Service Application Program Interface (GSS-API), as specified in [RFC2743].

This document specifies an extension to GSS-TSIG.

Sections 1.5, 1.8, 1.9, 2, and 3 of this specification are normative. All other sections and examples in this specification are informative.

Show: