TKEY record

From HandWiki

TKEY (transaction key) is a record type of the Domain Name System (DNS). TKEY resource records (RRs) can be used in a number of different modes to establish shared keys between a DNS resolver and name server.

TKEY record format

TKEY resource record fields

| Field | Description | Length (octets) |
|---|---|---|
| NAME | Key name, which must be unique on client and server | Variable |
| TYPE | TKEY (249) | 2 |
| CLASS | Ignored, should be ANY (255) | 2 |
| TTL | Ignored, should be 0 | 4 |
| RDLENGTH | Length of RDATA field | 2 |
| RDATA | Variable-length structure containing the timestamp, algorithm, mode, hash data and error | Variable, as per RDLENGTH |

Mode field values

  • 0 – Reserved
  • 1 – Server assignment
  • 2 – Diffie–Hellman key exchange
  • 3 – Generic Security Service Algorithm for Secret Key Transaction
  • 4 – Resolver assignment
  • 5 – Key deletion
  • 6–65534 – Available
  • 65535 – Reserved
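
A defensive parser for the RDATA structure and mode values described above, using the field order from RFC 2930 (algorithm name, inception, expiration, mode, error, key size, key data, other size, other data). This is an added example, not code from the original page; the function names and the sample bytes are constructed for illustration.

```python
import struct

# Mode names as listed on this page; 6-65534 are "available".
MODES = {1: "server assignment", 2: "Diffie-Hellman key exchange",
         3: "GSS-API", 4: "resolver assignment", 5: "key deletion"}

def read_name(buf, pos):
    """Read an uncompressed domain name; return (name, next offset)."""
    labels = []
    while True:
        if pos >= len(buf):
            raise ValueError("truncated algorithm name")
        length = buf[pos]
        pos += 1
        if length == 0:
            return ".".join(labels) + ".", pos
        if length > 63 or pos + length > len(buf):
            raise ValueError("bad label in algorithm name")
        labels.append(buf[pos:pos + length].decode("ascii").lower())
        pos += length

def parse_tkey_rdata(rdata):
    """Decode TKEY RDATA; every length field is checked against the buffer."""
    algorithm, pos = read_name(rdata, 0)
    if pos + 14 > len(rdata):
        raise ValueError("truncated fixed fields")
    inception, expiration, mode, error, key_size = struct.unpack_from(
        "!IIHHH", rdata, pos)
    pos += 14
    if pos + key_size + 2 > len(rdata):
        raise ValueError("key size overruns RDATA")
    key_data = rdata[pos:pos + key_size]
    pos += key_size
    (other_size,) = struct.unpack_from("!H", rdata, pos)
    pos += 2
    if pos + other_size != len(rdata):
        raise ValueError("other size disagrees with RDLENGTH")
    reserved = mode in (0, 65535)
    return {"algorithm": algorithm, "inception": inception,
            "expiration": expiration, "error": error, "mode": mode,
            "mode_name": "reserved" if reserved else MODES.get(mode, "available"),
            "key_data": key_data, "other_data": rdata[pos:]}

# Constructed sample RDATA (not captured traffic): gss-tsig, mode 3, 5-byte key.
SAMPLE = (b"\x08gss-tsig\x00"
          + struct.pack("!IIHHH", 1700000000, 1700003600, 3, 0, 5)
          + b"token" + struct.pack("!H", 0))

if __name__ == "__main__":
    print(parse_tkey_rdata(SAMPLE))
```

The parser rejects any record whose key size or other size does not fit the bytes actually received, which is the check to make before handing key data to a key-agreement or GSS-API layer.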

References

  • RFC 2930, "Secret Key Establishment for DNS (TKEY RR)", D. Eastlake, September 2000