With an RRSIG resource record (signature resource record), arbitrary resource records can be digitally signed within the framework of DNSSEC (DNS Security). In 2004 the RRSIG type replaced the almost identical SIG resource record.
A user who receives an answer to a DNS request (e.g. an IP address) cannot be sure that the answer really comes from a legitimate name server and that it was not falsified in transit. The solution is to sign resource records digitally.
A digital signature presupposes a public-key procedure. The name server that is authoritative as master for a DNS entry signs it with its private key. Resolvers can validate the digital signature at any time, provided they know the public key of the zone.
An RRSIG resource record consists of the following fields:
- Name: name of the digitally signed RRs
- Current TTL: indicates how long this entry may be held in the cache
- RRSIG (type 46)
- Type of the signed RR, e.g. A
- Algorithm (1=MD5, 2=Diffie-Hellman, 3=DSA)
- Number of name components, used for wildcard resolution (see RFC 2535)
- Original TTL: the TTL at the time of the signature
- Start time from which the signature is valid
- End time up to which the signature is valid
- Unique number for distinguishing between several signatures (key tag)
- Name of the signer (zone)
- The actual signature

In this example an A RR is digitally signed:
    www.child.example. 1285 A     1.2.3.15
    www.child.example. 1285 RRSIG (
                  A               ; Type is A RR
                  3               ; Algorithm is DSA
                  3               ; Name has 3 components
                  1285            ; Original TTL
                  20040327122207  ; End time
                  20040226122207  ; Start time
                  22004           ; Unique number (key tag)
                  child.example.  ; Name of the signer
                  BMTLR80WnKndatr77OirBtprR9SLKoZUiPWX
                  U5kViDi+5amYW/GFCp0= )
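The following Python code is an added example, not part of the original article: it parses the RRSIG fields listed above and runs the checks a validating resolver applies before the cryptographic verification (type covered, signer name, number of name components, validity period). The names `parse_rrsig` and `precheck` are hypothetical, the fields are read in the order defined by RFC 4034 (expiration before inception), and the sample input is the record from the article's example.

```python
import base64
from datetime import datetime, timezone
from typing import NamedTuple

class RRSIG(NamedTuple):
    type_covered: str
    algorithm: int
    labels: int
    original_ttl: int
    expiration: datetime
    inception: datetime
    key_tag: int
    signer: str
    signature: bytes

def _ts(text):
    # Presentation-format timestamps are YYYYMMDDHHmmSS in UTC.
    return datetime.strptime(text, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)

def parse_rrsig(rdata):
    """Parse RRSIG RDATA; ';' comments and parentheses are dropped."""
    text = " ".join(line.split(";")[0] for line in rdata.splitlines())
    f = text.replace("(", " ").replace(")", " ").split()
    if len(f) < 9:
        raise ValueError("expected 8 fields followed by the signature")
    sig = base64.b64decode("".join(f[8:]), validate=True)
    return RRSIG(f[0].upper(), int(f[1]), int(f[2]), int(f[3]),
                 _ts(f[4]), _ts(f[5]), int(f[6]), f[7].lower(), sig)

def precheck(owner, rrtype, sig, now):
    """Return the reasons to reject before any signature verification."""
    name, zone = owner.lower().rstrip("."), sig.signer.rstrip(".")
    owner_labels = [l for l in name.split(".") if l and l != "*"]
    problems = []
    if sig.type_covered != rrtype.upper():
        problems.append("type covered does not match the RRset type")
    if zone and name != zone and not name.endswith("." + zone):
        problems.append("signer is not a zone above the owner name")
    if sig.labels > len(owner_labels):
        problems.append("labels field exceeds the owner name's labels")
    if now < sig.inception:
        problems.append("signature not yet valid")
    if now > sig.expiration:
        problems.append("signature expired")
    return problems

# Sample input: RDATA of the RRSIG record from the article's example.
SAMPLE = ("A 3 3 1285 20040327122207 20040226122207 22004 child.example. "
          "BMTLR80WnKndatr77OirBtprR9SLKoZUiPWX U5kViDi+5amYW/GFCp0=")
```

An empty list from `precheck` means the record passed these checks, so verification of the signature with the zone's public key can proceed.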