RFC 4035:Protocol Modifications for the DNS Securi...
RFC-Ref
Previous
|
Next
Frontpage
|
Contents
|
Keywords
Protocol Modifications for the DNS Security Extensions
1. Introduction
1.1. Background and Related Documents
1.2. Reserved Words
2. Zone Signing
2.1. Including DNSKEY RRs in a Zone
2.2. Including RRSIG RRs in a Zone
2.3. Including NSEC RRs in a Zone
2.4. Including DS RRs in a Zone
2.5. Changes to the CNAME Resource Record
2.6. DNSSEC RR Types Appearing at Zone Cuts
2.7. Example of a Secure Zone
3. Serving
3.1. Authoritative Name Servers
3.1.1. Including RRSIG RRs in a Response
3.1.2. Including DNSKEY RRs in a Response
3.1.3. Including NSEC RRs in a Response
3.1.3.1. Including NSEC RRs: No Data Response
3.1.3.2. Including NSEC RRs: Name Error Response
3.1.3.3. Including NSEC RRs: Wildcard Answer Response
3.1.3.4. Including NSEC RRs: Wildcard No Data Response
3.1.3.5. Finding the Right NSEC RRs
3.1.4. Including DS RRs in a Response
3.1.4.1. Responding to Queries for DS RRs
3.1.5. Responding to Queries for Type AXFR or IXFR
3.1.6. The AD and CD Bits in an Authoritative Response
3.2. Recursive Name Servers
3.2.1. The DO Bit
3.2.2. The CD Bit
3.2.3. The AD Bit
3.3. Example DNSSEC Responses
4. Resolving
4.1. EDNS Support
4.2. Signature Verification Support
4.3. Determining Security Status of Data
4.4. Configured Trust Anchors
4.5. Response Caching
4.6. Handling of the CD and AD Bits
4.7. Caching BAD Data
4.8. Synthesized CNAMEs
4.9. Stub Resolvers
4.9.1. Handling of the DO Bit
4.9.2. Handling of the CD Bit
4.9.3. Handling of the AD Bit
5. Authenticating DNS Responses
5.1. Special Considerations for Islands of Security
5.2. Authenticating Referrals
5.3. Authenticating an RRset with an RRSIG RR
5.3.1. Checking the RRSIG RR Validity
5.3.2. Reconstructing the Signed Data
5.3.3. Checking the Signature
5.3.4. Authenticating a Wildcard Expanded RRset Positive Response
5.4. Authenticated Denial of Existence
5.5. Resolver Behavior When Signatures Do Not Validate
5.6. Authentication Example
6. IANA Considerations
7. Security Considerations
8. Acknowledgements
9. References
9.1. Normative References
9.2. Informative References
10. Appendix A. Signed Zone Example
11. Appendix B. Example Responses
12. Appendix C. Authentication Examples
13. Authors' Addresses
14. Full Copyright Statement
15. Intellectual Property
16. Acknowledgement
Previous
|
Next
Frontpage
|
Contents
|
Keywords
Web
RFC-Ref
RFC-Ref.org
Frontpage
Global Index
RFC
Sister Sites
Chess-Ref.org
Law-Ref.org
InChI.info
Zvon.org
