From c5979df002f1b9d5fbd09ad261b7e1d91e5de73b Mon Sep 17 00:00:00 2001
From: Christoffer <netravnen@gmail.com>
Date: Fri, 15 Sep 2017 10:22:33 +0200
Subject: [PATCH] DNSSEC record types

---
 chapter/dns.tex         | 14 ++++++++++++++
 references-websites.bib |  9 +++++++++
 2 files changed, 23 insertions(+)

diff --git a/chapter/dns.tex b/chapter/dns.tex
index c1e92ce..9c6c009 100644
--- a/chapter/dns.tex
+++ b/chapter/dns.tex
@@ -51,6 +51,20 @@ Is hierarchical by design going from:
 
 \section{DNSSEC}
 
+
+
+\subsection{New Record Types}
+
+A couple of new record types were introduced with \gls{dnssec}.\cite{HowDNSSE22:online}
+
+\begin{itemize}
+    \item \itemhead{RRSIG}       Contains a cryptographic signature.
+    \item \itemhead{DNSKEY}      Contains a public signing key.
+    \item \itemhead{DS}          Contains the hash of a DNSKEY record.
+    \item \itemhead{NSEC+NSEC3}  For explicit denial-of-existence of a DNS record.
+    \item \itemhead{CDNSKEY+CDS} For a child zone requesting updates to DS record(s) in the parent zone.
+\end{itemize}
+    
 \subsection[KSK]{Key Signing Key}
 
 The \gls{ksk} is a used to sign other keys. Thus creating a chain-of-trust.
diff --git a/references-websites.bib b/references-websites.bib
index 7304ec3..1a4d7ae 100644
--- a/references-websites.bib
+++ b/references-websites.bib
@@ -48,4 +48,13 @@
     month = {},
     year = {},
     note = {(Accessed on 09/10/2017)}
+}
+
+@misc{HowDNSSE22:online,
+    author = {},
+    title = {How DNSSEC Works | Cloudflare},
+    howpublished = {\url{https://www.cloudflare.com/dns/dnssec/how-dnssec-works/}},
+    month = {},
+    year = {},
+    note = {(Accessed on 09/10/2017)}
 }
\ No newline at end of file