DNS RFC

The Domain Name System protocols are more than 20 years old, and many of the older RFCs are obsolete, but there still exist clients running software implementing the very oldest protocols. Here are the RFCs pertaining to DNS. FAQS.org maintains a list of DNS Protocol Related Documents here (opens in new window).

  • RFC 952 DOD INTERNET HOST TABLE SPECIFICATION
  • RFC 1032 DOMAIN ADMINISTRATORS GUIDE
  • RFC 1033 DOMAIN ADMINISTRATORS OPERATIONS GUIDE
  • RFC 1034 DOMAIN NAMES – CONCEPTS AND FACILITIES
  • RFC 1035 DOMAIN NAMES – IMPLEMENTATION AND SPECIFICATION
  • RFC 1101 DNS Encoding of Network Names and Other Types
  • RFC 1122 Requirements for Internet Hosts — Communication Layers
  • RFC 1123 Requirements for Internet Hosts — Application and Support
  • RFC 1183 New DNS RR Definitions
  • RFC 1348 DNS NSAP RRs
  • RFC 1535 A Security Problem and Proposed Correction With Widely Deployed DNS Software
  • RFC 1536 Common DNS Implementation Errors and Suggested Fixes
  • RFC 1537 Common DNS Data File Configuration Errors
  • RFC 1591 Domain Name System Structure and Delegation (Informational)
  • RFC 1611 DNS Server MIB Extensions
  • RFC 1612 DNS Resolver MIB Extensions
  • RFC 1706 DNS NSAP Resource Records
  • RFC 1712 DNS Encoding of Geographical Location
  • RFC 1750 Randomness Recommendations for Security
  • RFC 1876 A Means for Expressing Location Information in the Domain Name System
  • RFC 1886 DNS Extensions to support IP version 6
  • RFC 1982 Serial Number Arithmetic
  • RFC 1995 Incremental Zone Transfer in DNS
  • RFC 1996 A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY)
  • RFC 2052 A DNS RR for specifying the location of services (DNS SRV)
  • RFC 2104 HMAC: Keyed-Hashing for Message Authentication
  • RFC 2119 Key words for use in RFCs to Indicate Requirement Levels
  • RFC 2133 Basic Socket Interface Extensions for IPv6
  • RFC 2136 Dynamic Updates in the Domain Name System (DNS UPDATE)
  • RFC 2137 Secure Domain Name System Dynamic Update
  • RFC 2163 Using the Internet DNS to Distribute MIXER Conformant Global Address Mapping (MCGAM)
  • RFC 2168 Resolution of Uniform Resource Identifiers using the Domain Name System
  • RFC 2181 Clarifications to the DNS Specification
  • RFC 2230 Key Exchange Delegation Record for the DNS
  • RFC 2308 Negative Caching of DNS Queries (DNS NCACHE)
  • RFC 2317 Classless IN-ADDR.ARPA delegation
  • RFC 2373 IP Version 6 Addressing Architecture
  • RFC 2374 An IPv6 Aggregatable Global Unicast Address Format
  • RFC 2535 Domain Name System Security Extensions
  • RFC 2536 DSA KEYs and SIGs in the Domain Name System (DNS)
  • RFC 2537 RSA/MD5 KEYs and SIGs in the Domain Name System (DNS)
  • RFC 2538 Storing Certificates in the Domain Name System (DNS)
  • RFC 2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS)
  • RFC 2540 Detached Domain Name System (DNS) Information
  • RFC 2541 DNS Security Operational Considerations
  • RFC 2553 Basic Socket Interface Extensions for IPv6
  • RFC 2671 Extension Mechanisms for DNS (EDNS0)
  • RFC 2672 Non-Terminal DNS Name Redirection
  • RFC 2673 Binary Labels in the Domain Name System
  • RFC 2782 A DNS RR for specifying the location of services (DNS SRV)
  • RFC 2825 A Tangled Web: Issues of I18N, Domain Names, and the Other Internet protocols
  • RFC 2826 IAB Technical Comment on the Unique DNS Root
  • RFC 2845 Secret Key Transaction Authentication for DNS (TSIG)
  • RFC 2874 DNS Extensions to Support IPv6 Address Aggregation and Renumbering
  • RFC 2915 The Naming Authority Pointer (NAPTR) DNS Resource Record
  • RFC 2929 Domain Name System (DNS) IANA Considerations
  • RFC 2930 Secret Key Establishment for DNS (TKEY RR)
  • RFC 2931 DNS Request and Transaction Signatures ( SIG(0)s )
  • RFC 3007 Secure Domain Name System (DNS) Dynamic Update
  • RFC 3008 Domain Name System Security (DNSSEC) Signing Authority
  • RFC 3071 Reflections on the DNS, RFC 1591, and Categories of Domains
  • RFC 3090 DNS Security Extension Clarification on Zone Status
  • RFC 3110 RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS
  • RFC 3123 A DNS RR Type for Lists of Address Prefixes (APL RR)
  • RFC 3152 Delegation of IP6.ARPA
  • RFC 3197 Applicability Statement for DNS MIB Extensions
  • RFC 3225 Indicating Resolver Support of DNSSEC
  • RFC 3226 DNSSEC and IPv6 A6 aware server/resolver message size requirements
  • RFC 3258 Distributing Authoritative Name Servers via Shared Unicast Addresses
  • RFC 3363 Representing Internet Protocol version 6 (IPv6) Addresses in the Domain Name System (DNS)
  • RFC 3364 Tradeoffs in Domain Name System (DNS) Support for Internet Protocol version 6 (IPv6)
  • RFC 3425 Obsoleting IQUERY
  • RFC 3445 Limiting the Scope of the KEY Resource Record (RR)
  • RFC 3467 Role of the Domain Name System (DNS)
  • RFC 3490 Internationalizing Domain Names In Applications (IDNA)
  • RFC 3491 Nameprep: A Stringprep Profile for Internationalized Domain Names (IDN)
  • RFC 3492 Punycode:A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA)
  • RFC 3493 Basic Socket Interface Extensions for IPv6
  • RFC 3513 Internet Protocol Version 6 (IPv6) Addressing Architecture
  • RFC 3596 DNS Extensions to Support IP Version
  • RFC 3597 Handling of Unknown DNS Resource Record (RR) Types
  • RFC 3645 Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG)
  • RFC 3655 Redefinition of DNS Authenticated Data (AD) bit
  • RFC 3658 Delegation Signer (DS) Resource Record (RR)
  • RFC 3757 Domain Name System KEY (DNSKEY) Resource Record (RR) Secure Entry Point (SEP) Flag
  • RFC 3833 Threat Analysis of the Domain Name System (DNS)
  • RFC 3845 DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format
  • RFC 3901 DNS IPv6 Transport Operational Guidelines
  • RFC 4025 A Method for Storing IPsec Keying Material in DNS
  • RFC 4033 DNS Security Introduction and Requirements
  • RFC 4034 Resource Records for the DNS Security Extensions
  • RFC 4035 Protocol Modifications for the DNS Security Extensions
  • RFC 4074 Common Misbehavior Against DNS Queries for IPv6 Addresses
  • RFC 4159 Deprecation of “ip6.int”
  • RFC 4193 Unique Local IPv6 Unicast Addresses
  • RFC 4255 Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints
  • RFC 4343 Domain Name System (DNS) Case Insensitivity Clarification
  • RFC 4367 What’s in a Name: False Assumptions about DNS Names
  • RFC 4398 Storing Certificates in the Domain Name System (DNS)
  • RFC 4408 The DNSSEC Lookaside Validation (DLV) DNS Resource Record
  • RFC 4431 Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1
  • RFC 4470 Minimally Covering NSEC Records and DNSSEC On-line Signing
  • RFC 4634 US Secure Hash Algorithms (SHA and HMAC-SHA)
  • RFC 4641 DNSSEC Operational Practices