RFC 2065: Domain Name System Security Extensions
RFC-Ref

start



... Section 6 discusses how a resolver can be configured with a starting key or keys and proceed to securely resolve DNS requests. ...


... particular type, name, and class must have the same TTL to start with. ...
... valid until the "signature expiration" time which is an unsigned number of seconds since the start of 1 January 1970, GMT, ignoring leap seconds. (See also Section 4.4.) SIG ...
... The "time signed" field is an unsigned number of seconds since the start of 1 January 1970, GMT, ignoring leap seconds. ...
... delegation point NSs are not zone signed but zone apex NSs are). When you have finished processing all the starting RRs as described above, you can then use the cumulative zone hash ...


... part of this interval. Thus if *.X.ZONE exists you would expect an NXT RR that ends at X.ZONE and one that starts with the last name covered by *.X.ZONE. However, this "last name covered" is something very ugly and long like \255\255\255....X.zone. So the NXT ...


... Domain Name System (DNS) involves starting with one or more trusted public keys for one or more zones. With trusted keys, a resolver willing to perform ...
... security aware resolver would still gain some confidence in the results it returns even if it was not configured with any keys but trusted what it got from a local well known server as a starting point. ...
... The format for a boot file directive to configure a starting zone key is as follows: ...
... algorithms (algorithm 254), starts with the algorithm's identifying OID ...
... While it might seem logical for everyone to start with the key for the root zone, this has problems. The logistics of updating every ...
... Starting with one or more trusted keys for a zone, it should be possible to retrieve signed keys for its subzones which have a key ...
... secure zone via a keyfile directive. This makes it possible to climb the tree of zones if one starts below root. A secure sub-zone is indicated by a KEY RR ...
... A resolver should keep track of the number of successive secure zones traversed from a starting point to any secure zone it can reach. In general, the lower such a distance number is, the greater the ...


