Up: RFC 2065

1. Overview of Contents

This document describes extensions of the Domain Name System (DNS) protocol to support DNS security and public key distribution. It assumes that the reader is familiar with the Domain Name System, particularly as described in RFCs 1033, 1034, and 1035.

Section 2 provides an overview of the extensions and the key distribution, data origin authentication, and transaction and request security they provide.

Section 3 discusses the KEY resource record, its structure, use in DNS responses, and file representation. These resource records represent the public keys of entities named in the DNS and are used for key distribution.

Section 4 discusses the SIG digital signature resource record, its structure, use in DNS responses, and file representation. These resource records are used to authenticate other resource records in the DNS and optionally to authenticate DNS transactions and requests.

Section 5 discusses the NXT resource record and its use in DNS responses. The NXT RR permits authenticated denial in the DNS of the existence of a name or of a particular type for an existing name.

Section 6 discusses how a resolver can be configured with a starting key or keys and proceed to securely resolve DNS requests. Interactions between resolvers and servers are discussed for all combinations of security aware and security non-aware. Two additional query header bits are defined for signaling between resolvers and servers.

Section 7 reviews a variety of operational considerations including key generation, lifetime, and storage.

Section 8 defines levels of conformance for resolvers and servers.

Section 9 provides a few paragraphs on overall security considerations.

An Appendix is provided that gives details of base 64 encoding which is used in the file representation of some RR's defined in this document.

