2013
DOI: 10.17487/rfc6840
|View full text |Cite
|
Sign up to set email alerts
|

Clarifications and Implementation Notes for DNS Security (DNSSEC)

Abstract: This document is a collection of technical clarifications to the DNS Security (DNSSEC) document set. It is meant to serve as a resource to implementors as well as a collection of DNSSEC errata that existed at the time of writing. This document updates the core DNSSEC documents (RFC 4033, RFC 4034, and RFC 4035) as well as the NSEC3 specification (RFC 5155). It also defines NSEC3 and SHA-2 (RFC 4509 and RFC 5702) as core parts of the DNSSEC specification.

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1

Citation Types

0
2
0

Year Published

2017
2017
2024
2024

Publication Types

Select...
5
1

Relationship

0
6

Authors

Journals

citations
Cited by 24 publications
(2 citation statements)
references
References 9 publications
0
2
0
Order By: Relevance
“…Furthermore, we did not implement all DNS features, such as DNSSEC [10,[22][23][24]33]. Cryptographic operations are hard to fuzz, but may still represent interesting attack targets for malicious actors.…”
Section: Limitationsmentioning
confidence: 99%
“…Furthermore, we did not implement all DNS features, such as DNSSEC [10,[22][23][24]33]. Cryptographic operations are hard to fuzz, but may still represent interesting attack targets for malicious actors.…”
Section: Limitationsmentioning
confidence: 99%
“…Domain name owners may be able to deploy ZSKs with ECDSA algorithms, and choose a different algorithm for the KSK; however, this trick is prohibited by RFC 6840 and often causes resolvers to fail validation[66].…”
mentioning
confidence: 99%