|
TA : DNSSEC Trust Authorities (None)
Part of a deployment proposal for DNSSEC without a signed DNS root. See the IANA database and Weiler Spec] for details. Uses the same format as the DS record.
|
NSEC3 : NSEC record version 3 ( RFC 5155)
An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking |
NSEC : Next-Secure record ( RFC 4034)
Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record. |
DLV : DNSSEC Lookaside Validation record ( RFC 4431)
For publishing DNSSEC trust anchors outside of the DNS delegation chain. Uses the same format as the DS record. RFC 5074 describes a way of using these records. |
RRSIG : DNSSEC signature ( RFC 4034)
Signature for a DNSSEC-secured record set. Uses the same format as the SIG record. |
MX : mail exchange record ( RFC 1035)
Maps a domain name to a list of mail exchange servers for that domain |
HIP : Host Identity Protocol ( RFC 5205)
Method of separating the end-point identifier and locator roles of IP addresses. |
NS : name server record ( RFC 1035)
Delegates a DNS zone to use the given authoritative name servers |
TXT : Text record ( RFC 1035)
Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data, such as specified by RFC 1464, opportunistic encryption, Sender Policy Framework, DomainKeys, DNS-SD, etc. |
A : address record ( RFC 1035)
Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but also used for DNSBLs, storing subnet masks in RFC 1101, etc. |
CNAME : Canonical name record ( RFC 1035)
Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name. |
SSHFP : SSH Public Key Fingerprint ( RFC 4255)
Resource record for publishing SSH public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host. |
DS : Delegation signer ( RFC 4034)
The record used to identify the DNSSEC signing key of a delegated zone |
DNSKEY : DNS Key record ( RFC 4034)
The key record used in DNSSEC. Uses the same format as the KEY record. |
TSIG : Transaction Signature ( RFC 2845)
Record that supports one set of security mechanisms for DNS. Used to secure communication between DNS resolvers and Name servers, in contrast to DNSSEC, which secures the actual DNS records from the authoritative name server. |
SOA : start of authority record ( RFC 1035)
Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone. |
SRV : Service locator ( RFC 2782)
Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX. |
IPSECKEY : IPSEC Key ( RFC 4025)
Key record that can be used with IPSEC |
