You're viewing an archived page. It is no longer being updated.
This content is only available for historical reference.
This documents how to setup DNSSEC. It is no longer maintained by the RIPE NCC, the latest version is avaailable at the NLnetLabs site (linked above).
This document is intended as a statement of the security practices (physical and network) employed by the RIPE NCC in relation to the operation and forward planning of DNSSEC.
RFC3757 (via FTP): Domain Name System KEY (DNSKEY) Resource Record (RR) Secure Entry Point (SEP) Flag.
An IETF DNSEXT Working Group document in which we specify a flag in the KEY RR to distinguish between key signing keys and zone signing keys.
A document by Kolkman and Gieben that documents a number of operational practices and recomendations for DNSSEC development. It is intended to be published as an informational RFC.
An In-Band Rollover Mechanism and an Out-Of-Band Priming Method for DNSSEC Trust Anchors. (draft-ietf-dnsext-trustupdate-threshold-00).
An IETF DNSEXT Working Group document in which we propose mechanisms for DNSSEC trust anchor maintenance and distribution.
Rollover of statically configured resolver keys (draft-ietf-dnsop-resolver-rollover-00.txt).
An IETF DNSOP Working group document in which we propose a mechanism for rollover of keys at resolvers. This document has expired and is kept here for archival purposes only