DNSSEC FREQUENTLY ASKED
QUESTIONS

.ZA DOMAIN NAME


What is the Domain Name System (DNS)?

The domain name system is the system that supports global communication networks by matching requests from Internet users to Internet Protocol address and services.

When you attempt to navigate to a website or send an email, your computer uses the DNS to point to the domain name associated with the website you want to access and maps it to an Internet protocol (IP) address. In other words, your computer ‘queries’ the DNS for the website’s location, and the DNS server answers the query by resolving the domain name to the IP address.

DNSSEC RELATED SPECIFICATIONS



The following is a list of RFCs that define the current version of DNSSEC, and are provided for further reading:

RFC 4033 – DNS Security Introduction and Requirements

RFC 4034 – Resource Records for the DNS Security Extensions

RFC 4035 – Protocol Modifications for the DNS Security Extensions

RFC 4641 – DNSSEC Operational Practices

RFC 5155 – DNS Security (DNSSEC) Hashed Authenticated Denial of Existence

EXTERNAL RESOURCES



There are many DNSSEC guides, how to documents, and websites on the Internet. The following is a list of some Key Management resources that are suggested for further reading:

DNSSEC Key Maintenance
DNSSEC Key Management and Rollover
Running OpenDNSSEC with 50000 zones

Where can I find external resources on DNSSEC?

The Internet Society (ISOC) have produced this factsheet and basics page for more information:
Internet Society Fact-Sheet.
DNSSEC Basics

ISOC have also produced more technical advice for Registrants:

http://www.internetsociety.org/deploy360/resources/dnssec-registrars/