
Storage of Diffie-Hellman Keys in the Domain Name System (DNS) (RFC2539)

IP.com Disclosure Number: IPCOM000003125D
Original Publication Date: 1999-Mar-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 5 page(s) / 13K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

D. Eastlake: AUTHOR

Abstract

A standard method for storing Diffie-Hellman keys in the Domain Name System is described which utilizes DNS KEY resource records.

This text was extracted from an ASCII Text document.
This is the abbreviated version, containing approximately 23% of the total text.

Network Working Group                                        D. Eastlake
Request for Comments: 2539                                           IBM
Category: Standards Track                                     March 1999

Storage of Diffie-Hellman Keys in the Domain Name System (DNS)

Status of this Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1999). All Rights Reserved.

Abstract

A standard method for storing Diffie-Hellman keys in the Domain Name System is described which utilizes DNS KEY resource records.

Acknowledgements

Part of the format for Diffie-Hellman keys and the description thereof was taken from a work in progress by:

Ashar Aziz
Tom Markson
Hemma Prafullchandra

In addition, the following people provided useful comments that have been incorporated:

Ran Atkinson
Thomas Narten

Table of Contents

Abstract
Acknowledgements
1. Introduction
1.1 About This Document
1.2 About Diffie-Hellman
2. Diffie-Hellman KEY Resource Records
3. Performance Considerations
4. IANA Considerations
5. Security Considerations
References
Author's Address
Appendix A: Well known prime/generator pairs
A.1. Well-Known Group 1: A 768 bit prime
A.2. Well-Known Group 2: A 1024 bit prime
Full Copyright Notice

1. Introduction

The Domain Name System (DNS) is the current global hierarchical replicated distributed database system for Internet addressing, mail proxy, and similar information. The DNS has been extended to include digital signatures and cryptographic keys as described in [RFC 2535]. Thus the DNS can now be used for secure key distribution.

1.1 About This Document

This document describes how to store Diffie-Hellman keys in the DNS. Familiarity with the Diffie-Hellman key exchange algorithm is assumed [Schneier].

1.2 About Diffie-Hellman

Diffie-Hellman requires two parties to interact to derive keying information which can then be used for authentication. Since DNS SIG RRs are primarily used as stored authent...