mirror of
https://gitlab.com/netravnen/NetworkLabNotes.git
synced 2024-12-23 20:57:53 +00:00
DNSSEC record types
This commit is contained in:
parent
7c22c00f90
commit
c5979df002
|
@ -51,6 +51,20 @@ Is hierarchical by design going from:
|
|||
|
||||
\section{DNSSEC}
|
||||
|
||||
|
||||
|
||||
\subsection{New Record Types}
|
||||
|
||||
A couple of new record types were introduced with \gls{dnssec}.\cite{HowDNSSE22:online}
|
||||
|
||||
\begin{itemize}
|
||||
\item \itemhead{RRSIG} Contains a cryptographic signature.
|
||||
\item \itemhead{DNSKEY} Contains a public signing key.
|
||||
\item \itemhead{DS} Contains the hash of a DNSKEY record.
|
||||
\item \itemhead{NSEC+NSEC3} For explicit denial-of-existence of a DNS record.
|
||||
\item \itemhead{CDNSKEY+CDS} For a child zone requesting updates to DS record(s) in the parent zone.
|
||||
\end{itemize}
|
||||
|
||||
\subsection[KSK]{Key Signing Key}
|
||||
|
||||
The \gls{ksk} is a used to sign other keys. Thus creating a chain-of-trust.
|
||||
|
|
|
@ -48,4 +48,13 @@
|
|||
month = {},
|
||||
year = {},
|
||||
note = {(Accessed on 09/10/2017)}
|
||||
}
|
||||
|
||||
@misc{HowDNSSE22:online,
|
||||
author = {},
|
||||
title = {How DNSSEC Works | Cloudflare},
|
||||
howpublished = {\url{https://www.cloudflare.com/dns/dnssec/how-dnssec-works/}},
|
||||
month = {},
|
||||
year = {},
|
||||
note = {(Accessed on 09/10/2017)}
|
||||
}
|
Loading…
Reference in a new issue