Domain Name System Security Extensions (DNSSEC)
GPTKB entity
Statements (48)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:XMPP_Extension_Protocol
|
| gptkbp:bfsLayer |
5
|
| gptkbp:bfsParent |
gptkb:AWS_Route_53
|
| gptkbp:can_be_used_with |
DNS over HTTPS (Do H)
DNS over TLS (Do T) |
| gptkbp:dependency |
public key infrastructure (PKI)
|
| gptkbp:developed_by |
gptkb:Internet_Engineering_Task_Force_(IETF)
|
| gptkbp:enhances |
DNS security
|
| gptkbp:first_introduced |
gptkb:RFC_2535
|
| https://www.w3.org/2000/01/rdf-schema#label |
Domain Name System Security Extensions (DNSSEC)
|
| gptkbp:includes |
key signing keys (KSK)
zone signing keys (ZSK) |
| gptkbp:is |
a replacement for DNS
|
| gptkbp:is_adopted_by |
gptkb:Educational_Institution
government agencies large enterprises |
| gptkbp:is_challenged_by |
performance overhead
key management issues lack of awareness implementation complexity legacy systems compatibility misconfiguration risks DNSSEC auditing needs DNSSEC compliance issues DNSSEC deployment costs DNSSEC monitoring requirements DNSSEC performance tuning DNSSEC policy development DNSSEC testing requirements DNSSEC troubleshooting needs DNSSEC validation failures DNSSEC-aware applications interoperability concerns key rollover procedures limited support in some DNS software trust anchor management user education needs zone delegation issues |
| gptkbp:is_implemented_in |
domain registrars
|
| gptkbp:is_part_of |
DNS protocol suite
|
| gptkbp:is_protected_by |
DNS spoofing
|
| gptkbp:is_supported_by |
many top-level domains (TL Ds)
|
| gptkbp:is_used_in |
domain name resolution
|
| gptkbp:latest_version |
gptkb:RFC_8624
|
| gptkbp:provides |
authentication of DNS data
|
| gptkbp:purpose |
to protect the integrity of DNS data
|
| gptkbp:requires |
DNS resolver support
|
| gptkbp:uses |
digital signatures
|