RFC 2065:Domain Name System Security Extensions
RFC-Ref

1 - 2 - 8 - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W - Z

CNAME

Click on the red underlined text to get to the source

2. Overview of the DNS Extensions
... Special considerations related to "time to live", CNAMEs, and delegation points are also discussed in Section 2.3. ...
... existing resolver and server implementations so long as they can support the additional resource types (see Section 8). The one exception is that CNAME referrals from a secure zone can not be authenticated ...
... Special Considerations with CNAME RRs ...
... security related RRs with the same owner name as a CNAME RR are retrieved from a non-security-aware ...
... RR are retrieved from a non-security-aware server. In particular, an initial retrieval for the CNAME or any other type will not retrieve any associated signature, key, or NXT RR ...
... other type will not retrieve any associated signature, key, or NXT RR. For types other than CNAME, it will retrieve that type at the target name of the CNAME ...
... CNAME, it will retrieve that type at the target name of the CNAME (or chain of CNAMEs) and will return the CNAME ...
... target name of the CNAME (or chain of CNAMEs) and will return the CNAME as additional information. In particular, a specific retrieval ...
... CNAME (or chain of CNAMEs) and will return the CNAME as additional information. In particular, a specific retrieval for type SIG will not get the SIG ...
... for type SIG will not get the SIG, if any, at the original CNAME domain name but rather a SIG ...
... In general, security aware servers MUST be used to securely CNAME in DNS. Security ...
... NXT RRs along with CNAME RRs, (2) suppress CNAME processing on retrieval of ...
... along with CNAME RRs, (2) suppress CNAME processing on retrieval of these types as well as on retrieval of the type CNAME, and (3) ...
... RRs, (2) suppress CNAME processing on retrieval of these types as well as on retrieval of the type CNAME, and (3) automatically return SIG RRs ...
... automatically return SIG RRs authenticating the CNAME or CNAMEs encountered in resolving a query ...
... SIG RRs authenticating the CNAME or CNAMEs encountered in resolving a query. This is a change from the previous ...
... RR type at a node where a CNAME RR was present. ...


4. The SIG Resource Record
... RRs, especially in the case of getting a response from an insecure server. (As explained in 4.2 above, it will not be possible to secure CNAMEs being served up by non-secure resolvers.) ...


8. Conformance
... secure zone MUST be at least minimally compliant and even then some things, such as secure CNAMEs, will not work without full compliance. ...
... NXT RRs in responses, (4) suppression of CNAME following on retrieval of the security type RRs ...

1 - 2 - 8 - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W - Z

Google
Web
RFC-Ref
RFC-Ref.org
Frontpage
Global Index
RFC
Sister Sites
Chess-Ref.org
Law-Ref.org
InChI.info
Zvon.org