1 1.1.1.2 christos .. Copyright (C) Internet Systems Consortium, Inc. ("ISC") 2 1.1.1.2 christos .. 3 1.1.1.2 christos .. SPDX-License-Identifier: MPL-2.0 4 1.1.1.2 christos .. 5 1.1.1.2 christos .. This Source Code Form is subject to the terms of the Mozilla Public 6 1.1.1.2 christos .. License, v. 2.0. If a copy of the MPL was not distributed with this 7 1.1.1.2 christos .. file, you can obtain one at https://mozilla.org/MPL/2.0/. 8 1.1.1.2 christos .. 9 1.1.1.2 christos .. See the COPYRIGHT file distributed with this work for additional 10 1.1.1.2 christos .. information regarding copyright ownership. 11 1.1 christos 12 1.1 christos Preface 13 1.1 christos ------- 14 1.1 christos 15 1.1 christos .. _preface_organization: 16 1.1 christos 17 1.1 christos Organization 18 1.1 christos ~~~~~~~~~~~~ 19 1.1 christos 20 1.1 christos This document provides introductory information on how DNSSEC works, how 21 1.1 christos to configure BIND 9 to support some common DNSSEC features, and 22 1.1 christos some basic troubleshooting tips. The chapters are organized as follows: 23 1.1 christos 24 1.1 christos :ref:`dnssec_guide_introduction` covers the intended audience for this 25 1.1 christos document, assumed background knowledge, and a basic introduction to the 26 1.1 christos topic of DNSSEC. 27 1.1 christos 28 1.1 christos :ref:`getting_started` covers various requirements 29 1.1 christos before implementing DNSSEC, such as software versions, hardware 30 1.1 christos capacity, network requirements, and security changes. 31 1.1 christos 32 1.1 christos :ref:`dnssec_validation` walks through setting up a validating 33 1.1 christos resolver, and gives both more information on the validation process and 34 1.1 christos some examples of tools to verify that the resolver is properly validating 35 1.1 christos answers. 36 1.1 christos 37 1.1 christos :ref:`dnssec_signing` explains how to set up a basic signed 38 1.1.1.3 christos authoritative zone, details the relationship between a child and a parent zone, 39 1.1 christos and discusses ongoing maintenance tasks. 40 1.1 christos 41 1.1 christos :ref:`dnssec_troubleshooting` provides some tips on how to analyze 42 1.1 christos and diagnose DNSSEC-related problems. 43 1.1 christos 44 1.1 christos :ref:`dnssec_advanced_discussions` covers several topics, including key 45 1.1 christos generation, key storage, key management, NSEC and NSEC3, and some 46 1.1 christos disadvantages of DNSSEC. 47 1.1 christos 48 1.1 christos :ref:`dnssec_recipes` provides several working examples of common DNSSEC 49 1.1 christos solutions, with step-by-step details. 50 1.1 christos 51 1.1 christos :ref:`dnssec_commonly_asked_questions` lists some commonly asked 52 1.1 christos questions and answers about DNSSEC. 53 1.1 christos 54 1.1 christos .. _preface_acknowledgement: 55 1.1 christos 56 1.1 christos Acknowledgements 57 1.1 christos ~~~~~~~~~~~~~~~~ 58 1.1 christos 59 1.1 christos This document was originally authored by Josh Kuo of `DeepDive 60 1.1 christos Networking <https://www.deepdivenetworking.com/>`__. He can be reached 61 1.1.1.2 christos at josh.kuo (a] gmail.com. 62 1.1 christos 63 1.1 christos Thanks to the following individuals (in no particular order) who have 64 1.1 christos helped in completing this document: Jeremy C. Reed, Heidi Schempf, 65 1.1 christos Stephen Morris, Jeff Osborn, Vicky Risk, Jim Martin, Evan Hunt, Mark 66 1.1 christos Andrews, Michael McNally, Kelli Blucher, Chuck Aurora, Francis Dupont, 67 1.1 christos Rob Nagy, Ray Bellis, Matthijs Mekking, and Suzanne Goldlust. 68 1.1 christos 69 1.1 christos Special thanks goes to Cricket Liu and Matt Larson for their 70 1.1 christos selflessness in knowledge sharing. 71 1.1 christos 72 1.1 christos Thanks to all the reviewers and contributors, including John Allen, Jim 73 1.1 christos Young, Tony Finch, Timothe Litt, and Dr. Jeffry A. Spain. 74 1.1 christos 75 1.1 christos The sections on key rollover and key timing metadata borrowed heavily 76 1.1 christos from the Internet Engineering Task Force draft titled "DNSSEC Key Timing 77 1.1 christos Considerations" by S. Morris, J. Ihren, J. Dickinson, and W. Mekking, 78 1.1 christos subsequently published as :rfc:`7583`. 79 1.1 christos 80 1.1 christos Icons made by `Freepik <https://www.freepik.com/>`__ and 81 1.1.1.4 christos `SimpleIcon <https://simpleicon.com/>`__ from 82 1.1 christos `Flaticon <https://www.flaticon.com/>`__, licensed under `Creative Commons BY 83 1.1 christos 3.0 <https://creativecommons.org/licenses/by/3.0/>`__. 84
Indexes created Thu May 07 00:24:58 UTC 2026