Questions tagged [dnssec]

Domain Name System Security Extension is a specification for securing certain kinds of information provided by Domain Name System

Domain Name System Security Extension is a specification for securing certain kinds of information provided by Domain Name System.

Its purpose is to allow DNS resolvers (clients) to establish origin and authenticity of DNS records. It works by digitally signing these records using public-key cryptography.

Currently it is described in IETF RFC 2535.

202 questions

votes

1 answer

DNSSEC can easily be spoofed?

I want to know the purpose of DNSSEC, what problem does it really try to solve? I think DNSSEC can easily be spoofed by inserting a non-DNSSEC DNS server into the network that serves a non-DNSSEC copy of the zone. But maybe that is not the problem…

dnssec

asked Nov 27 '20 at 14:24

anneb

votes

1 answer

How do I generate an SSHFP record from a remote ssh server (like a router)?

How do I generate an SSHFP DNS records for a server like a router that does not give you direct access to their keys in a format that ssh-keygen -r machine understands? The ssh-keygen -r machine reads private keys on the local machine.

ssh dnssec

asked Sep 08 '20 at 16:19

Graham Leggett

votes

1 answer

DNS is only partially working after changing the provider

My website is ecoguardfilters.com. I bought a domain from GoDaddy and hosting is with Hostinger. I changed the nameserver to Hostinger, but it is still not fully propagated, after two weeks. What could be the problem?

domain-name-system dns-zone dns-hosting dnssec

asked Jul 27 '20 at 06:27

Shahid

votes

1 answer

Existing RRSIG with KSK, but no DS record

When getting the key for domaindiscount24.net, I got: domaindiscount24.net. 3600 IN DNSKEY 257 3 7…

domain-name-system dnssec

asked Jun 09 '20 at 07:50

vinz

-1

votes

1 answer

How to find documentation about implementing DNSSEC?

I have a question about the implementation of DNSSEC. I have a DNS Server and I want to implement DNSSEC, but I can't find documentation for this. I have a lot of confusion about this topic since there is little documentation and little precision.…

domain-name-system bind dnssec

asked Jun 14 '19 at 10:02

Fabio Orefice Amez

-1

votes

1 answer

Authenticating DNS Queries

Is there any way to use a TSIG (or other) key in combination with a DNS query to authenticate into a DNS view for use with recursion? Something like: key trusted-key { algorithm HMAC-SHA256; secret "blonggggg"; }; acl trusted { key…

domain-name-system authentication bind dnssec

asked Dec 31 '18 at 03:57

Tripp Kinetics

-1

votes

2 answers

How do I secure a zone with dlv.isc.org's DLV service?

I'm setting up domain-lookaside validation. I think I got mostly everything correct. I followed the directions here: https://dlv.isc.org/about/using. I registered my domain and uploaded the key signing key, signed my zone with -l dlv.isc.org option,…

domain-name-system bind dnssec

asked Nov 24 '14 at 06:05

jason dancks

Prev 1 2 3

…