1. Introduction

   The DNS Security Extensions (DNSSEC) introduce four new DNS resource
   record types: DNS Public Key (DNSKEY), Resource Record Signature
   (RRSIG), Next Secure (NSEC), and Delegation Signer (DS).  This
   document defines the purpose of each resource record (RR), the RR's
   RDATA format, and its presentation format (ASCII representation).

1.1. Background and Related Documents

   This document is part of a family of documents defining DNSSEC, which
   should be read together as a set.

   [RFC4033] contains an introduction to DNSSEC and definition of common
   terms; the reader is assumed to be familiar with this document.
   [RFC4033] also contains a list of other documents updated by and
   obsoleted by this document set.

   [RFC4035] defines the DNSSEC protocol operations.

   The reader is also assumed to be familiar with the basic DNS concepts
   described in [RFC1034], [RFC1035], and the subsequent documents that
   update them, particularly [RFC2181] and [RFC2308].

   This document defines the DNSSEC resource records.  All numeric DNS
   type codes given in this document are decimal integers.

1.2. Reserved Words

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].