DNSSEC FREQUENTLY ASKED
QUESTIONS
NIC.ZA Menu
.ZA DOMAIN NAME
The domain name system is the system that supports global communication networks by matching requests from Internet users to Internet Protocol address and services.
When you attempt to navigate to a website or send an email, your computer uses the DNS to point to the domain name associated with the website you want to access and maps it to an Internet protocol (IP) address. In other words, your computer ‘queries’ the DNS for the website’s location, and the DNS server answers the query by resolving the domain name to the IP address.
DNSSEC RELATED SPECIFICATIONS
The following is a list of RFCs that define the current version of DNSSEC, and are provided for further reading:
RFC 4033 – DNS Security Introduction and Requirements
RFC 4034 – Resource Records for the DNS Security Extensions
RFC 4035 – Protocol Modifications for the DNS Security Extensions
RFC 4641 – DNSSEC Operational Practices
RFC 5155 – DNS Security (DNSSEC) Hashed Authenticated Denial of Existence
EXTERNAL RESOURCES
There are many DNSSEC guides, how to documents, and websites on the Internet. The following is a list of some Key Management resources that are suggested for further reading:
DNSSEC Key Maintenance
DNSSEC Key Management and Rollover
Running OpenDNSSEC with 50000 zones
Where can I find external resources on DNSSEC?
The Internet Society (ISOC) have produced this factsheet and basics page for more information:
Internet Society Fact-Sheet.
DNSSEC Basics
ISOC have also produced more technical advice for Registrants:
http://www.internetsociety.org/deploy360/resources/dnssec-registrars/