Compliance table
The following table describes the (minimal) compliance of PowerDNS products with various important standards.
If you miss a standard that is important to you, please contact us.
Domain names - concepts and facilities
Domain names - implementation and specification
Using the Domain Name System To Store Arbitrary String Attributes
RFC 1876 (Auth)
A Means for Expressing Location Information in the Domain Name System
RFC 1982 (Auth)
Serial Number Arithmetic
RFC 1995(Downstream)
Incremental Zone Transfer in DNS
A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY)
Dynamic Updates in the Domain Name System (DNS UPDATE)
Clarifications to the DNS Specification
Key Exchange Delegation Record for the DNS
Negative Caching of DNS Queries (DNS NCACHE)
DSA KEYs and SIGs in the Domain Name System (DNS)
Storing Certificates in the Domain Name System (DNS)
Storage of Diffie-Hellman Keys in the Domain Name System (DNS)
Extension Mechanisms for DNS (EDNS0)
A DNS RR for specifying the location of services (DNS SRV)
Secret Key Transaction Authentication for DNS (TSIG)
Secret Key Establishment for DNS (TKEY RR)
Secure Domain Name System (DNS) Dynamic Update (TSIG only)
Indicating Resolver Support of DNSSEC
Session Initiation Protocol (SIP): Locating SIP Servers
Dynamic Delegation Discovery System (DDDS) - Part One: The Comprehensive DDDS
Dynamic Delegation Discovery System (DDDS) - Part Two: The Algorithm
Dynamic Delegation Discovery System (DDDS) - Part Three: The Domain Name System (DNS) Database
Dynamic Delegation Discovery System (DDDS) - Part Four: The Uniform Resource Identifiers (URI) Resolution Application
DNS Extensions to Support IP Version 6
Handling of Unknown DNS Resource Record (RR) Types
Delegation Signer (DS) Resource Record (RR)
A Method for Storing IPsec Keying Material in DNS
DNS Security Introduction and Requirements
Resource Records for the DNS Security Extensions
Protocol Modifications for the DNS Security Extensions
Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints
Domain Name System (DNS) Case Insensitivity Clarification
Storing Certificates in the Domain Name System (DNS)
Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (RRs)
The Role of Wildcards in the Domain Name System
Number Portability Parameters for the "tel" URI
A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR)
Requirements for a Mechanism Identifying a Name Server Instance
DNS Name Server Identifier (NSID) Option
DNS Security (DNSSEC) Hashed Authenticated Denial of Existence
Measures for Making DNS More Resilient against Forged Answers
Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC
Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC
DNS64: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers
Use of the SHA-256 Algorithm with RSA, Digital Signature Algorithm (DSA), and Elliptic Curve DSA (ECDSA) in SSHFP Resource Records
Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC
DNAME Redirection in the DNS
The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA
Clarifications and Implementation Notes for DNS Security (DNSSEC)
Extension Mechanisms for DNS (EDNS(0))
Adding Acronyms to Simplify Conversations about DNS-Based Authentication of Named Entities (DANE)
RFC 7344 (publication)
Automating DNSSEC Delegation Trust Maintenance
Using Ed25519 in SSHFP Resource Records
Definition and Use of DNSSEC Negative Trust Anchors
The DNS-Based Authentication of Named Entities (DANE) Protocol: Updates and Operational Guidance
Client Subnet in DNS Queries
Locating Session Initiation Protocol (SIP) Servers in a Dual-Stack IP Network
NXDOMAIN: There Really Is Nothing Underneath
RFC 8078 (publication)
Managing DS Records from the Parent via CDS/CDNSKEY
Edwards-Curve Digital Security Algorithm (EdDSA) for DNSSEC
Aggressive Use of DNSSEC-Validated Cache
DNS Queries over HTTPS (DoH)
Algorithm Implementation Requirements and Usage Guidance for DNSSEC
Extended DNS Errors
Secret Key Transaction Authentication for DNS (TSIG)
DNS Catalog Zones