netravnen/NetworkLabNotes
1
0
Fork 0
mirror of https://gitlab.com/netravnen/NetworkLabNotes.git synced 2024-12-23 20:57:53 +00:00
Code Releases Activity

DNSSEC record types

Browse source
This commit is contained in:
netravnen 2017-09-15 10:22:33 +02:00
parent 7c22c00f90
commit c5979df002
2 changed files with 23 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
chapter/dns.tex
View file

@ -51,6 +51,20 @@ Is hierarchical by design going from:
\section{DNSSEC} \section{DNSSEC}
\subsection{New Record Types}
A couple of new record types were introduced with \gls{dnssec}.\cite{HowDNSSE22:online}
\begin{itemize}
\item \itemhead{RRSIG} Contains a cryptographic signature.
\item \itemhead{DNSKEY} Contains a public signing key.
\item \itemhead{DS} Contains the hash of a DNSKEY record.
\item \itemhead{NSEC+NSEC3} For explicit denial-of-existence of a DNS record.
\item \itemhead{CDNSKEY+CDS} For a child zone requesting updates to DS record(s) in the parent zone.
\end{itemize}
\subsection[KSK]{Key Signing Key} \subsection[KSK]{Key Signing Key}
The \gls{ksk} is a used to sign other keys. Thus creating a chain-of-trust. The \gls{ksk} is a used to sign other keys. Thus creating a chain-of-trust.

9
references-websites.bib
View file

@ -48,4 +48,13 @@
month = {}, month = {},
year = {}, year = {},
note = {(Accessed on 09/10/2017)} note = {(Accessed on 09/10/2017)}
}
@misc{HowDNSSE22:online,
author = {},
title = {How DNSSEC Works | Cloudflare},
howpublished = {\url{https://www.cloudflare.com/dns/dnssec/how-dnssec-works/}},
month = {},
year = {},
note = {(Accessed on 09/10/2017)}
} }