DNSSEC
E37203
DNSSEC (Domain Name System Security Extensions) is a suite of specifications that adds cryptographic authentication and integrity protection to DNS data to prevent attacks such as cache poisoning and spoofing.
All labels observed (11)
Statements (51)
| Predicate | Object |
|---|---|
| instanceOf |
DNS extension
ⓘ
internet security protocol suite ⓘ |
| abbreviation | DNSSEC self-link ⓘ |
| appliesTo |
forward DNS zones
ⓘ
reverse DNS zones ⓘ |
| definedInRFC |
RFC 4033
ⓘ
RFC 4034 ⓘ RFC 4035 ⓘ RFC 4509 ⓘ RFC 5011 ⓘ RFC 5155 ⓘ RFC 5702 ⓘ RFC 6605 ⓘ RFC 6840 ⓘ RFC 8080 ⓘ |
| deploymentStatus | partially deployed on the public internet ⓘ |
| doesNotProvide | confidentiality ⓘ |
| fullName |
DNSSEC
self-linksurface differs
ⓘ
surface form:
Domain Name System Security Extensions
|
| introducesRecordType |
CDNSKEY
ⓘ
CDS ⓘ DNSKEY ⓘ DS ⓘ NSEC ⓘ NSEC3 ⓘ NSEC3PARAM ⓘ RRSIG ⓘ |
| mitigates |
DNS cache poisoning
ⓘ
DNS spoofing ⓘ |
| operatesOn | DNS resource records ⓘ |
| provides |
data integrity
ⓘ
data origin authentication ⓘ |
| relatedStandard |
DANE
ⓘ
TSIG ⓘ |
| requires |
DNSSEC-aware authoritative name servers
ⓘ
DNSSEC-validating resolvers ⓘ |
| rootZoneManagedBy |
Internet Corporation for Assigned Names and Numbers
ⓘ
surface form:
ICANN
U.S. Department of Commerce ⓘ VeriSign ⓘ
surface form:
Verisign
|
| rootZoneSigned | 2010-07-15 ⓘ |
| standardizedBy |
Internet Engineering Task Force
ⓘ
surface form:
IETF
|
| supportsAlgorithm |
DSA
ⓘ
ECDSA ⓘ Ed25519 ⓘ Ed448 ⓘ RSA ⓘ |
| usesCryptography | public key cryptography ⓘ |
| usesMechanism |
chain of trust
ⓘ
delegation signer records ⓘ key signing key ⓘ zone signing key ⓘ |
| verificationPerformedBy | validating resolver ⓘ |
Referenced by (44)
Full triples — surface form annotated when it differs from this entity's canonical label.
this entity surface form:
DNS Security Extensions
this entity surface form:
Domain Name System Security Extensions
this entity surface form:
Domain Name System Security Extensions
this entity surface form:
DNS Security Extensions
this entity surface form:
DNSSEC trust model
this entity surface form:
DNS Security Introduction and Requirements specification set
this entity surface form:
DNS Security Extensions
this entity surface form:
DNS Extensions (dnsext)
this entity surface form:
DNS Security Extensions
this entity surface form:
DNS Security Extensions
this entity surface form:
Domain Name System Security Extensions