TKEY record
TKEY (transaction key) is a record type of the Domain Name System. TKEY RRs can be used in a number of different modes to establish shared keys between a DNS resolver and server.
TKEY record format[]
Field | Description | Length (octets) |
---|---|---|
NAME | Key name, which must be unique on client and server | Variable |
TYPE | TKEY (249) | 2 |
CLASS | Ignored, should be ANY (255) | 2 |
TTL | Ignored, should be 0 | 4 |
RDLENGTH | Length of RDATA field | 2 |
RDATA | Variable-length structure containing the timestamp, algorithm, mode, hash data and error | Variable, as per RDLENGTH |
Mode field values[]
- 0 - Reserved
- 1 - Server assignment
- 2 - Diffie-Hellman exchange
- 3 - Generic Security Service Algorithm for Secret Key Transaction
- 4 - Resolver assignment
- 5 - key deletion
- 6–65534 - available
- 65535 - reserved;
See also[]
References[]
- RFC 2930, "Secret Key Establishment for DNS (TKEY RR)", D. Eastlake, September 2000
Categories:
- DNS record types
- Domain name stubs