RFC Compliance ============== NSD strives to be a reference implementation for emerging standards in the Internet Engineering Task Force (IETF). The aim is to implement well-established Internet Drafts as a compile option and drafts in the final stage of open community review as an optional feature, that is disabled by default. Accepted RFCs are implemented in NSD according to the described standard. The following table provides an extensive overview of all the RFC standards and Internet drafts that have been implemented in NSD. ============== ==== :rfc:`1034` Domain Names – Concepts and Facilities :rfc:`1035` Domain Names – Implementation and Specification :rfc:`1101` DNS Encoding of Network Names and Other Types :rfc:`1521` MIME (Multipurpose Internet Mail Extensions) Part One: Mechanisms for Specifying and Describing the Format of Internet Message Bodies :rfc:`1706` DNS NSAP Resource Records :rfc:`1712` DNS Encoding of Geographical Location :rfc:`1876` A Means for Expressing Location Information in the Domain Name System :rfc:`1982` Serial Number Arithmetic :rfc:`1995` Incremental Zone Transfer in DNS :rfc:`1996` A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY) :rfc:`2163` Using the Internet DNS to Distribute MIXER Conformant Global Address Mapping (MCGAM) :rfc:`2168` Resolution of Uniform Resource Identifiers using the Domain Name System :rfc:`2181` Clarifications to the DNS Specification :rfc:`2230` Key Exchange Delegation Record for the DNS :rfc:`2253` Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names :rfc:`2308` Negative Caching of DNS Queries (DNS NCACHE) :rfc:`2535` Domain Name System Security Extensions :rfc:`2536` DSA KEYs and SIGs in the Domain Name System (DNS) :rfc:`2537` RSA/MD5 KEYs and SIGs in the Domain Name System (DNS) :rfc:`2538` Storing Certificates in the Domain Name System (DNS) :rfc:`2539` Storage of Diffie-Hellman Keys in the Domain Name System (DNS) :rfc:`2606` Reserved Top Level DNS Names :rfc:`2671` Extension Mechanisms for DNS (EDNS0) :rfc:`2672` Non-Terminal DNS Name Redirection :rfc:`2673` Binary Labels in the Domain Name System :rfc:`2782` A DNS RR for specifying the location of services (DNS SRV) :rfc:`2845` Secret Key Transaction Authentication for DNS (TSIG) :rfc:`2874` DNS Extensions to Support IPv6 Address Aggregation and Renumbering :rfc:`2915` The Naming Authority Pointer (NAPTR) DNS Resource Record :rfc:`2930` Secret Key Establishment for DNS (TKEY RR) :rfc:`3110` RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS) :rfc:`3123` A DNS RR Type for Lists of Address Prefixes (APL RR) :rfc:`3225` Indicating Resolver Support of DNSSEC :rfc:`3597` Handling of Unknown DNS Resource Record (RR) Types :rfc:`3755` Legacy Resolver Compatibility for Delegation Signer (DS) :rfc:`4025` A Method for Storing IPsec Keying Material in DNS :rfc:`4033` DNS Security Introduction and Requirements :rfc:`4034` Resource Records for the DNS Security Extensions :rfc:`4035` Protocol Modifications for the DNS Security Extensions :rfc:`4255` Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints :rfc:`4343` Domain Name System (DNS) Case Insensitivity Clarification :rfc:`4398` Storing Certificates in the Domain Name System (DNS) :rfc:`4431` The DNSSEC Lookaside Validation (DLV) DNS Resource Record :rfc:`4509` Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (RRs) :rfc:`4592` The Role of Wildcards in the Domain Name System :rfc:`4597` Conferencing Scenarios :rfc:`4635` HMAC SHA TSIG Algorithm Identifiers :rfc:`4701` A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR) :rfc:`4892` Requirements for a Mechanism Identifying a Name Server Instance :rfc:`5001` DNS Name Server Identifier (NSID) Option :rfc:`5114` Additional Diffie-Hellman Groups for Use with IETF Standards :rfc:`5155` DNS Security (DNSSEC) Hashed Authenticated Denial of Existence :rfc:`5205` Host Identity Protocol (HIP) Domain Name System (DNS) Extension :rfc:`5702` Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC :rfc:`5933` Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC :rfc:`5936` DNS Zone Transfer Protocol (AXFR) :rfc:`6604` xNAME RCODE and Status Bits Clarification :rfc:`6605` Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC :rfc:`6672` DNAME Redirection in the DNS :rfc:`6698` The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA :rfc:`6725` DNS Security (DNSSEC) DNSKEY Algorithm IANA Registry Updates :rfc:`6742` DNS Resource Records for the Identifier-Locator Network Protocol (ILNP) :rfc:`6761` Special-Use Domain Names :rfc:`6840` Clarifications and Implementation Notes for DNS Security (DNSSEC) :rfc:`6844` DNS Certification Authority Authorization (CAA) Resource Record :rfc:`6891` Extension Mechanisms for DNS (EDNS(0)) :rfc:`6895` Domain Name System (DNS) IANA Considerations :rfc:`7043` Resource Records for EUI-48 and EUI-64 Addresses in the DNS :rfc:`7344` Automating DNSSEC Delegation Trust Maintenance :rfc:`7477` Child-to-Parent Synchronization in DNS :rfc:`7553` The Uniform Resource Identifier (URI) DNS Resource Record :rfc:`7766` DNS Transport over TCP - Implementation Requirements :rfc:`7873` Domain Name System (DNS) Cookies :rfc:`7929` DNS-Based Authentication of Named Entities (DANE) Bindings for OpenPGP :rfc:`8080` Edwards-Curve Digital Security Algorithm (EdDSA) for DNSSEC :rfc:`8162` Using Secure DNS to Associate Certificates with Domain Names for S/MIME :rfc:`8482` Providing Minimal-Sized Responses to DNS Queries That Have QTYPE=ANY :rfc:`8914` Extended DNS Errors :rfc:`8945` Secret Key Transaction Authentication for DNS (TSIG) :rfc:`9018` Interoperable Domain Name System (DNS) Server Cookies :rfc:`9103` DNS Zone Transfer over TLS :rfc:`9210` DNS Transport over TCP - Operational Requirements :rfc:`9432` DNS Catalog Zones ============== ====