TKEY record
TKEY (transaction key) is a record type of the Domain Name System. TKEY RRs can used in number of different modes to establish shared keys between a DNS resolver and server.
TKEY record format
| Field | Description | Length (octets) |
|---|---|---|
| NAME | Key name, which must be unique on client and server | Variable |
| TYPE | TKEY (249) | 2 |
| CLASS | Ignored, should be ANY (255) | 2 |
| TTL | Ignored, should be 0 | 4 |
| RDLENGTH | Length of RDATA field | 2 |
| RDATA | Variable-length structure containing the timestamp, algorithm, mode, hash data and error | Variable, as per RDLENGTH |
Mode field values
- 0 - Reserved
- 1 - Server assignment
- 2 - Diffie-Hellman exchange
- 3 - Generic Security Service Algorithm for Secret Key Transaction
- 4 - Resolver assignment
- 5 - key deletion
- 6–65534 - available
- 65535 - reserved;
See also
References
- RFC 2930, "Secret Key Establishment for DNS (TKEY RR)", D. Eastlake, September 2000
 | This Internet domain name article is a stub. You can help Wikipedia by expanding it. |