Academic Journals Database
Disseminating quality controlled scientific knowledge

Key Revocation System for DNSSEC

Author(s): Gilles Guette

Journal: Journal of Networks
ISSN 1796-2056

Volume: 3;
Issue: 6;
Start page: 54;
Date: 2008;
Original page

Keywords: DNSSEC | Revocation | Key Management | Network Security

The Doma in Name System (DNS) is a distributed tree-based database largely used to translate a human readable machine name into an IP address. The DNS security extensions (DNSSEC) has been designed to protect the DNS protocol using public key cryptography and digital signatures. In this paper, we show how DNSSEC can be attacked using compromised keys and the consequences of such attacks. Then, we propose a new revocation scheme for DNSSEC based on two new resource records. There is currently no revocation system defined in the DNSSEC standard.
Save time & money - Smart Internet Solutions      Why do you need a reservation system?