RFC 2065: Domain Name System Security Extensions
RFC-Ref

domain



... This document describes extensions of the Domain Name System (DNS) protocol to support DNS security ...
... DNS security and public key distribution. It assumes that the reader is familiar with the Domain Name System, particularly as described in RFCs 1033, 1034 ...


... The Domain Name System (DNS) protocol security extensions provide ...
... Data origin" authentication is not obviously provided for the non-existence of a domain name in a zone or the non-existence of a type for an existing name. This gap is filled by the NXT RR ...
... SIG, if any, at the original CNAME domain name but rather a SIG at the target name. ...


... resource record (RR) is used to document a key that is associated with a Domain Name System (DNS) name. It will be a public key as only public keys ...
... entity name. For example, "j.random_user" on host.subdomain.domain could have a public key associated through a KEY RR ...
... KEY RR with name j\.random_user.host.subdomain.domain and the user bit a one. It could be used in a security protocol ...


... RR) is the fundamental way that data is authenticated in the secure Domain Name System (DNS). As such it is the heart of the security ...
... class, and name and binds them to a time interval and the signer's domain name. This is done using cryptographic techniques and the signer ...
... The "signer's name" field is the domain name of the signer generating the SIG ...
... RR is the RR with domain names (1) fully expanded (no name compression via pointers), (2) all domain ...
... domain names (1) fully expanded (no name compression via pointers), (2) all domain name letters set to lower case, and (3) the original TTL substituted for the current TTL ...


... RDATA area exists and that no other zone signed types exist under its owner name. This implies a canonical ordering of all domain names in a zone. ...
... The RDATA for an NXT RR consists simply of a domain name followed by a bit map. ...
...
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  next domain name                             /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    type bit ...
... The domain name may be compressed with standard DNS name compression ...
... network. The size of the bit map can be inferred from the RDLENGTH and the length of the next domain name. ...
... query for the initial NXT associated with the zone name. Using the next domain name RDATA field from that RR ...
... RRs with the same name. They can be distinguished by their signers and next domain name fields. Security aware servers should return the correct NXT ...


... Retrieving or resolving authentic data from the Domain Name System (DNS) involves starting ...
... trust only their own zone. Such interior resolvers can then go through the organization's zone servers to access data outside the organization's domain and should only be configured with the key for the organization's DNS apex. ...


... This section discusses a variety of considerations in secure operation of the Domain Name System (DNS) using these protocol extensions. ...


... This document describes technical details of extensions to the Domain Name System (DNS) protocol to provide data integrity and origin ...


... - Stahl, M., "Domain Administrators Guide", RFC 1032, November 1987. ...
... - Lottor, M., "Domain Administrators Operations Guide", RFC 1033, November 1987. ...
... - Mockapetris, P., "Domain Names - Concepts and Facilities", STD 13, RFC 1034, November 1987. ...
... - Mockapetris, P., "Domain Names - Implementation and Specifications", STD 13, RFC 1035, November 1987. ...


