RFC 2065: Domain Name System Security Extensions
RFC-Ref

host



... transaction and request security belongs to the host composing the request or reply message, not to the zone involved. The corresponding public key ...


... DNS. This can be the public key of a zone, a host or other end entity, or a user. A KEY RR ...
... DNS name may refer to up to three different categories of things. For example, dee.cybercash.com could be (1) a zone, (2) a host or other end entity, and (3) the mapping into a DNS name of the ...
... RRs and any responses indicating the zone is not secured should be considered bogus. If this bit is a one for a host or end entity, it might sometimes operate in a secure mode and at ...
... Bit 5 on indicates that this is a key associated with a "user" or "account" at an end entity, usually a host. The coding of the owner name is that used for the responsible individual mailbox in the ...
... under the entity name. For example, "j.random_user" on host.subdomain.domain could have a public key associated through a ...
... public key associated through a KEY RR with name j\.random_user.host.subdomain.domain and the user bit ...
... entity" whose name is the RR owner name. This will commonly be a host but could, in some parts of the DNS tree, be some other type of entity ...
... authentication service if the owner name is a DNS server host. It could also be used in an IP-security protocol ...
... security protocol where authentication of at the host, rather than user, level was desired, such as routing, NTP ...
... experimental and no-key bits off is an assertion that the host speaks IPSEC. ...
... that a key is valid for such use and, for end entity keys or the host part of user keys, that the secure version of that protocol is ...
... version of that protocol is implemented on that entity or host. ...
... valid for that protocol and the entity or host can be simultaneously flagged as implementing the secure version of that protocol, along with other ...


... SIG (which is signed by the server host key, not the zone key) by the requesting resolver shows that the query ...
... signer field MUST be the name of the originating server host, the owner name, class, TTL, ...


... SIG RRs requires that reasonably consistent time be available to the hosts implementing the DNS security extensions. ...
... 1305draft). If such protocols are used, they MUST be used securely so that time can not be spoofed. Otherwise, for example, a host could get its clock turned back and might then believe old SIG and KEY RRs ...


... on-line version could still be tampered with if the host it resides on is compromised. For maximum security, the master copy of the zone file should be off net ...
... Non-zone private keys, such as host or user keys, generally have to be kept on line to be used for real-time purposes such as DNS ...


... secure DNS you can have high confidence in the IP address you retrieve for a host name; however, this does not stop someone for substituting an unauthorized host at that ...
... IP address you retrieve for a host name; however, this does not stop someone for substituting an unauthorized host at that address or capturing packets sent to that address ...


