DNS KEY (DNSKEY)

The DNSKEY RR is part of the DNSSEC (DNSSEC.bis) standard. DNSKEY RRs contain the public key (of an asymmetric encryption algorithm) used in zone signing operations. Public keys used for other functions are defined using a KEY RR. DNSKEY RRs may be either a Zone Signing Key (ZSK) or a Key Signing Key (KSK). The DNSKEY RR is created using the dnssec-keygen utility supplied with BIND.

One day real soon now™

Pro DNS and BIND by Ron Aitchison

Contents

tech info
guides home
dns articles
intro
contents
1 objectives
big picture
2 concepts
3 reverse map
4 dns types
quickstart
5 install bind
6 samples
reference
7 named.conf
8 dns records
operations
9 howtos
10 tools
11 trouble
programming
12 bind api's
security
13 dns security
bits & bytes
15 messages
resources
notes & tips
registration FAQ
dns resources
dns rfc's
change log