NIST Revises DNS Deployment Guide

Draft Addresses Public Feedback, Adds Three New Sections The National Institute of Standards and Technology released Wednesday a new draft of the document Secure Domain Name System Deployment Guide, or Special Publication 800-81.

NIST says this revision addresses feedback received for the first revision through public comments in March, in addition to adding three new subsections:

Guidelines on Procedures for migrating to a new Cryptographic Algorithm for signing of the Zone (Section 11.5).

Guidelines for Procedures for migrating to NSEC3 specifications from NSEC for providing authenticated denial of existence (Section 11.6).

Deployment Guidelines for Split-Zone under different scenarios (Section 11.7).

After addressing the public comments received in this round, NIST will be published the document as SP 800-81r1. NIST invites federal agencies, private organizations and individuals to review this draft and submit comments to NIST by sending them to before Sept. 30. Comments will be reviewed and posted on the website of NIST's Computer Security Resources Center website. All comments will be analyzed, consolidated, and used in revising the draft guidelines before final publication.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.