Network Working Group T. Wicinski
Internet-Draft Salesforce
Intended status: Informational October 31, 2016
Expires: May 4, 2017

A Document Roadmap for the Doman Name System (DNS) Specifications


This document contains a roadmap to the Requests for Comments (RFC) documents relating to the Domain Name System (DNS). This roadmap provides a brief summary of the documents defining DNS and the various extensions. This serves as a guide and quick reference for DNS Implementers, as well as others.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on May 4, 2017.

Copyright Notice

Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents ( in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

1. Introduction

The Domain Name System (DNS) is a critical piece of communication for Internet hosts. As DNS has evolved over the years, many distinct documents have become part of the standard, updating older documents either partially or completely.

This document is intended as an introduction to DNS, and also an attempt to organize the work from over the years. It provides a brief summary of the RFC documents that define DNS. This should be useful to implementers and others on the relevance and significance of the work that relate to DNS.

This roadmap includes a brief description of the contents of each DNS-related RFC. In addition, a letter code after each RFC indicates its category in the RFC document process. The explanations of these codes are described in [RFC2026].

S - Standards Truck (either Proposed Standard, Draft Standard or Internet Standard)

E - Experimental

I - Informational

H - Historic

B - Best Current Practice

U - Unknown (or not formally defined)

The DNS consists of multiple portions which could be implemented. These parts are (but are not restricted to): an Authorative Server (which includes managing the storage of zone data) and a Caching Server.

The roadmap is broken up into several sections. Section 2 decribes the core functionality. Section 3 lists the RFCs which are required to implement a DNS Server Section 3.1 lists the DNS Resource Record (RR) Types nees Section 4 discusses managing DNS zone data and updating DNS Zones Section 5 covers DNS Security (DNSSEC), how to implmenet it.

Experimental extensions which are not yet standard track, as well as documents which help to document behavior of the DNS but are not required are in Section 6. Current Best Practices are described in Section 7.

For the definition of DNS terms or phrases, please refer to the DNS Terminology document [RFC7719]

1.1. Notational Conventions

The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in [RFC2119].

1.2. DNS Terminology

[RFC7719] I: “DNS Terminology”

Since the DNS has been defined in dozens of different RFC over several decades, the terminology used by developers, implementors and operators of the DNS protocol sometimes changed over time. This document captured how terms were defined in the original standards, and if they have different meanings today.

2. Core Functionality and Specifications

[RFC1034] U: “Domain Names - Concepts and Facilities”

[RFC1035] S: “Domain Names - Implementation and Specification”

[RFC2181] S: “Clarifications to the DNS Specification”

3. Implementation

[RFC2308] S: “Negative Caching of DNS Queries (DNS NCACHE)”

[RFC5001] S: “DNS Name Server Identifier (NSID) Option”

[RFC4343] S: “Domain Name System (DNS) Case Insensitivity Clarification”

[RFC6604] S: “xNAME RCODE and Status Bits Clarification”

[RFC3597] S: “Handling of Unknown DNS Resource Record (RR) Types”

[RFC4592] S: “The Role of Wildcards in the Domain Name System”

[RFC1536] I: “Common DNS Implementation Errors and Suggested Fixes”

[RFC7766] S: “DNS Transport over TCP - Implementation Requirements”

3.1. DNS Resource Record (RR) Types

4. DNS Zones

4.1. Managing DNS Zone Data

4.2. Updating DNS Zones

4.3. Name Server Management

5. DNS Security (DNSSEC)

[RFC4033] S: “DNS Security Introduction and Requirements”

[RFC4034] S: “Resource Records for the DNS Security Extensions”

[RFC4035] S: “Protocol Modifications for the DNS Security Extensions”

[RFC3225] S: “Indicating Resolver Support of DNSSEC”

[RFC3226] S: “DNSSEC and IPv6 A6 aware server/resolver message size requirements”

[RFC4470] S: “Minimally Covering NSEC Records and DNSSEC On-line Signing”

[RFC4955] S: “DNS Security (DNSSEC) Experiments”

[RFC5155] S: “DNS Security (DNSSEC) Hashed Authenticated Denial of Existence”

[RFC6840] S: “Clarifications and Implementation Notes for DNS Security (DNSSEC)”

[RFC4956] E: “DNS Security (DNSSEC) Opt-In”

[RFC6841] I: “A Framework for DNSSEC Policies and DNSSEC Practice Statements”

6. IANA Considerations

7. Security Considerations

8. References

8.1. Normative References

[RFC1034] Mockapetris, P., "Domain names - concepts and facilities", STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987.
[RFC1035] Mockapetris, P., "Domain names - implementation and specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, November 1987.
[RFC1536] Kumar, A., Postel, J., Neuman, C., Danzig, P. and S. Miller, "Common DNS Implementation Errors and Suggested Fixes", RFC 1536, DOI 10.17487/RFC1536, October 1993.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997.
[RFC2181] Elz, R. and R. Bush, "Clarifications to the DNS Specification", RFC 2181, DOI 10.17487/RFC2181, July 1997.
[RFC2308] Andrews, M., "Negative Caching of DNS Queries (DNS NCACHE)", RFC 2308, DOI 10.17487/RFC2308, March 1998.
[RFC3225] Conrad, D., "Indicating Resolver Support of DNSSEC", RFC 3225, DOI 10.17487/RFC3225, December 2001.
[RFC3226] Gudmundsson, O., "DNSSEC and IPv6 A6 aware server/resolver message size requirements", RFC 3226, DOI 10.17487/RFC3226, December 2001.
[RFC3597] Gustafsson, A., "Handling of Unknown DNS Resource Record (RR) Types", RFC 3597, DOI 10.17487/RFC3597, September 2003.
[RFC4033] Arends, R., Austein, R., Larson, M., Massey, D. and S. Rose, "DNS Security Introduction and Requirements", RFC 4033, DOI 10.17487/RFC4033, March 2005.
[RFC4034] Arends, R., Austein, R., Larson, M., Massey, D. and S. Rose, "Resource Records for the DNS Security Extensions", RFC 4034, DOI 10.17487/RFC4034, March 2005.
[RFC4035] Arends, R., Austein, R., Larson, M., Massey, D. and S. Rose, "Protocol Modifications for the DNS Security Extensions", RFC 4035, DOI 10.17487/RFC4035, March 2005.
[RFC4343] Eastlake 3rd, D., "Domain Name System (DNS) Case Insensitivity Clarification", RFC 4343, DOI 10.17487/RFC4343, January 2006.
[RFC4470] Weiler, S. and J. Ihren, "Minimally Covering NSEC Records and DNSSEC On-line Signing", RFC 4470, DOI 10.17487/RFC4470, April 2006.
[RFC4592] Lewis, E., "The Role of Wildcards in the Domain Name System", RFC 4592, DOI 10.17487/RFC4592, July 2006.
[RFC4955] Blacka, D., "DNS Security (DNSSEC) Experiments", RFC 4955, DOI 10.17487/RFC4955, July 2007.
[RFC4956] Arends, R., Kosters, M. and D. Blacka, "DNS Security (DNSSEC) Opt-In", RFC 4956, DOI 10.17487/RFC4956, July 2007.
[RFC5001] Austein, R., "DNS Name Server Identifier (NSID) Option", RFC 5001, DOI 10.17487/RFC5001, August 2007.
[RFC5155] Laurie, B., Sisson, G., Arends, R. and D. Blacka, "DNS Security (DNSSEC) Hashed Authenticated Denial of Existence", RFC 5155, DOI 10.17487/RFC5155, March 2008.
[RFC6604] Eastlake 3rd, D., "xNAME RCODE and Status Bits Clarification", RFC 6604, DOI 10.17487/RFC6604, April 2012.
[RFC6840] Weiler, S. and D. Blacka, "Clarifications and Implementation Notes for DNS Security (DNSSEC)", RFC 6840, DOI 10.17487/RFC6840, February 2013.
[RFC6841] Ljunggren, F., Eklund Lowinder, AM. and T. Okubo, "A Framework for DNSSEC Policies and DNSSEC Practice Statements", RFC 6841, DOI 10.17487/RFC6841, January 2013.
[RFC7766] Dickinson, J., Dickinson, S., Bellis, R., Mankin, A. and D. Wessels, "DNS Transport over TCP - Implementation Requirements", RFC 7766, DOI 10.17487/RFC7766, March 2016.

8.2. Informative References

[RFC2026] Bradner, S., "The Internet Standards Process -- Revision 3", BCP 9, RFC 2026, DOI 10.17487/RFC2026, October 1996.
[RFC7719] Hoffman, P., Sullivan, A. and K. Fujiwara, "DNS Terminology", RFC 7719, DOI 10.17487/RFC7719, December 2015.

Author's Address

Tim Wicinski Salesforce EMail: