DISI Documents

• DNSSEC HOWTO (PDF | HTML).

  This documents how to setup DNSSEC. It is no longer maintained by the RIPE NCC, the latest version is avaailable at the NLnetLabs site (linked above).

• DNSSEC Operations and Security Practice Statement
  
  This document is intended as a statement of the security practices (physical and network) employed by the RIPE NCC in relation to the operation and forward planning of DNSSEC.

• RFC3757 (via FTP):
  Domain Name System KEY (DNSKEY) Resource Record (RR) Secure Entry Point (SEP) Flag

  An IETF DNSEXT Working Group document in which we specify a flag in the KEY RR to distinguish between key signing keys and zone signing keys.

• DNSSEC Operational Practices
  (draft-ietf-dnsop-dnssec-operational-practices-08.txt) (via FTP).

  A document by Kolkman and Gieben that documents a number of operational practices and recomendations for DNSSEC development. It is intended to be published as an informational RFC.

• An In-Band Rollover Mechanism and an Out-Of-Band Priming Method for DNSSEC Trust Anchors. (via FTP)
  (draft-ietf-dnsext-trustupdate-threshold-00).

  An IETF DNSEXT Working Group document in which we propose mechanisms for DNSSEC trust anchor maintenance and distribution.

• Rollover of statically configured resolver keys (draft-ietf-dnsop-resolver-rollover-00.txt).

  An IETF DNSOP Working group document in which we propose a mechanism for rollover of keys at resolvers. This document has expired and is kept here for archival purposes only