Ir para Conteúdo

Ferramentas

TUTORIAIS:

• BIND DNSSEC Guide

SCRIPTS:

• KIT DNSSEC: v0.9 
• Script @ ul.pt: 
editNsign
• Example files: 
example file zone / named.conf

REFERÊNCIAS:

http://www.dnssec-validator.cz
http://dnscheck.iis.se
http://dnscheck.pingdom.com
http://dnssec-debugger.verisignlabs.com
http://dnsviz.net

PROJECTOS:

http://www.internetsociety.org/deploy360/dnssec
http://www.dnssec.net
http://www.dnssec-deployment.org

RFCs:

• DNS
RFC 1034: Domain Names - Concepts and Facilities
RFC 1035: Domain Names - Implementation and Sspecification
RFC 1912: Common DNS Operational and Configuration Errors
RFC 2671: Extension Mechanisms for DNS (EDNS0)

• DNSSEC

RFC 4033: DNS Security Introduction and Requirements
RFC 4034: Resource Records for the DNS Security Extensions
RFC 4035: Protocol Modifications for the DNS Security Extensions
RFC 4470. Minimally Covering NSEC Records and DNSSEC On-line Signing
RFC 4641: DNSSEC Operational Practices
RFC 5155: DNS Security (DNSSEC) Hashed Authenticated Denial of Existence
RFC 6014: Cryptographic Algorithm Identifier Allocation for DNSSEC

• DANE

RFC 6698:
The DNS-Based Authentication of Named Entities (DANE)
Transport Layer Security (TLS) Protocol: TLSA
RFC 7218:
Adding Acronyms to Simplify Conversations about
DNS-Based Authentication of Named Entities (DANE)
RFC 7671:
The DNS-Based Authentication of Named Entities (DANE) Protocol:
Updates and Operational Guidance