TKEY record
Jump to navigation
Jump to search
TKEY (transaction key) is a record type of the Domain Name System (DNS). TKEY resource records (RRs) can be used in a number of different modes to establish shared keys between a DNS resolver and name server.
TKEY record format
| Field | Description | Length (octets) |
|---|---|---|
| NAME | Key name, which must be unique on client and server | Variable |
| TYPE | TKEY (249) | 2 |
| CLASS | Ignored, should be ANY (255) | 2 |
| TTL | Ignored, should be 0 | 4 |
| RDLENGTH | Length of RDATA field | 2 |
| RDATA | Variable-length structure containing the timestamp, algorithm, mode, hash data and error | Variable, as per RDLENGTH |
Mode field values
- 0 – Reserved
- 1 – Server assignment
- 2 – Diffie–Hellman key exchange
- 3 – Generic Security Service Algorithm for Secret Key Transaction
- 4 – Resolver assignment
- 5 – Key deletion
- 6–65534 – Available
- 65535 – Reserved
See also
References
- Template:IETF RFC, "Secret Key Establishment for DNS (TKEY RR)", D. Eastlake, September 2000