The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.05 - September/October (2009 vol.7)
pp: 29-35
Ramaswamy Chandramouli , National Institute of Standards and Technology
Scott Rose , National Institute of Standards and Technology
ABSTRACT
The Domain Name System's growth has been unprecedented, but protocol vulnerabilities threaten its stability and trustworthiness. The Internet Engineering Task Force's DNS Security Extensions specification aims to protect the system from these attacks.
INDEX TERMS
Domain Name System, secure transactions, query/response, IETF specifications, DNS
CITATION
Ramaswamy Chandramouli, Scott Rose, "Open Issues in Secure DNS Deployment", IEEE Security & Privacy, vol.7, no. 5, pp. 29-35, September/October 2009, doi:10.1109/MSP.2009.129
REFERENCES
1. R. Chandramouli and S. Rose, Secure Domain Name System (DNS) Deployment, NIST special publication (SP 800-81); http://csrc.nist.gov/publications/nistpubs/800-81/SP800-81.pdf.
2. D. Atkins and R. Austein, Threat Analysis of the Domain Name System (DNS), IETF RFC 3833, Aug. 2004; www.ietf.org/rfc/rfc3833.txt.
3. G. Lawton, "Stronger Domain Name System Thwarts Root-Server Attacks," Computer, vol. 40, no. 5, 2007, pp. 14–17.
4. R. Arends et al., DNS Security Introduction and Requirements, IETF RFC 4033, Mar. 2005; www.ietf.org/rfc/rfc4033.txt.
5. R. Arends et al., Resource Records for the DNS Security Extensions, IETF RFC 4034, Mar. 2005; www.ietf.org/rfc/rfc4034.txt.
6. R. Arends et al., Protocol Modifications for the DNS Security Extensions, IETF RFC 4035, Mar. 2005; www.ietf.org/rfc/rfc4035.txt.
7. O. Kolkman et al., DNSSEC Operational Practices, IETF RFC 4641, Sept. 2006; www.ietf.org/rfc/rfc4641.txt.
8. Federal Information Processing Standard 180-3, Secure Hash Standard (SHS), FIPS, Oct. 2008.
9. E. Barker et al., Recommendations for Key Management Part 1: General, NIST Special Publication 800-57, Part 1, Mar. 2007; http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part1-revised2_Mar08-2007.pdf.
10. E. Barker et al., Recommendations for Key Management Part 3: Application- Specific Key Management Guidance, NIST special publication 800-57, Part 3, Oct. 2008; http://csrc.nist.gov/publications/drafts/800-57-part3/Draft_SP800-57-Part3_Recommendationsforkeymanagement.pdf.
11. P. Vixie, Extension Mechanisms for DNS (EDNS0), IETF RFC 2671, Aug. 1999; www.ietf.org/rfc/rfc2671.txt.
12. "Trust Anchor Repositories—Statement of Needed Internet Capability," SPARTA, Shinkuro, and NIST, June 2008; www.dnssec-deployment.org/tar/tarpaper.pdf.
13. M. St. Johns, Automated Updates of DNS Security (DNSSEC) Trust Anchors, IETF RFC 5011, Sept. 2007; www.ietf.org/rfc/rfc5011.txt.
14. S. Weiler, DNSSEC Lookaside Validation (DLV), IETF RFC 5074 (informational), Nov. 2007; www.ietf.org/rfc/rfc5074.txt.
23 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool