Internet Documents |
RFCs 9900 - 9999s |
| RFCs All Documents | STDs Internet Standards Documents | BCPs Best Current Practice Documents | FYIs Informational Documents |
|
| ||||||
| PROPOSED | DRAFT | STANDARD | EXPMTL | BCP | INFO | HISTORIC | UPDATED | OBSOLETED | UNKNOWN |
RFC 9901 Selective Disclosure for JSON Web Tokens
Authors: D. Fett, K. Yasuda, B. Campbell. Date: November 2025 Formats: txt html pdf xml json Status: PROPOSED STANDARD DOI: 10.17487/RFC 9901 This specification defines a mechanism for the selective disclosure of individual elements of a JSON data structure used as the payload of a JSON Web Signature (JWS). The primary use case is the selective disclosure of JSON Web Token (JWT) claims. RFC 9904 DNSSEC Cryptographic Algorithm Recommendation Update Process
Authors: W. Hardaker, W. Kumari. Date: November 2025 Formats: txt html json xml pdf Obsoletes: RFC 8624 Updates: RFC 9157 Status: PROPOSED STANDARD DOI: 10.17487/RFC 9904 The DNSSEC protocol makes use of various cryptographic algorithms to provide authentication of DNS data and proof of nonexistence. To ensure interoperability between DNS resolvers and DNS authoritative servers, it is necessary to specify both a set of algorithm implementation requirements and usage guidelines to ensure that there is at least one algorithm that all implementations support. This document replaces and obsoletes RFC 8624 and moves the canonical source of algorithm implementation requirements and usage guidance for DNSSEC from RFC 8624 to the IANA DNSSEC algorithm registries.This is done to allow the list of requirements to be more easily updated and referenced. Extensions to these registries can be made in future RFCs. This document also updates RFC 9157 and incorporates the revised IANA DNSSEC considerations from that RFC. This document does not change the recommendation status (MUST, MAY,RECOMMENDED, etc.) of the algorithms listed in RFC 8624; that is the work of future documents.
RFC 9905 Deprecating the Use of SHA-1 in DNSSEC Signature Algorithms
Authors: W. Hardaker, W. Kumari. Date: November 2025 Formats: txt html xml pdf json Updates: RFC 4034, RFC 5155 Status: PROPOSED STANDARD DOI: 10.17487/RFC 9905 This document deprecates the use of the RSASHA1 andRSASHA1-NSEC3-SHA1 algorithms for the creation of DNS Public Key(DNSKEY) and Resource Record Signature (RRSIG) records. It updates RFCs 4034 and 5155 as it deprecates the use of these algorithms.