DNS Transport over TCP - Operational Requirements

The information below is for an old version of the document
Document Type Expired Internet-Draft (dnsop WG)
Authors John Kristoff  , Duane Wessels 
Last updated 2020-11-16 (latest revision 2020-05-06)
Replaces draft-kristoff-dnsop-dns-tcp-requirements
Stream Internet Engineering Task Force (IETF)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Additional Resources
- Mailing list discussion
Stream WG state WG Document
Document shepherd Suzanne Woolf
IESG IESG state Expired
Consensus Boilerplate Yes
Telechat date
Responsible AD (None)
Send notices to Suzanne Woolf <suzworldwide@gmail.com>

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document encourages the practice of permitting DNS messages to be carried over TCP on the Internet. This includes both DNS over unencrypted TCP, as well as over an encrypted TLS session. The document also considers the consequences with this form of DNS communication and the potential operational issues that can arise when this best common practice is not upheld.


John Kristoff (jtk@depaul.edu)
Duane Wessels (dwessels@verisign.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)