NIST, nová verze dokumentu Secure Domain Name System (DNS) Deployment Guide (SP 800-81)
02.03.2009Reviewers of the draft revised Guidelines should note the following differences and additions:
(1) Updated Recommendations for all cryptographic operations relating to digital signing of DNS records, verification of the signatures, Zone Transfer, Dynamic Updates, key Management and Authenticated Denial of Existence.
(2) The additional IETF RFC documents that have formed the basis for the updated recommendations include: DNNSEC Operational Practices (RFC 4641), Automated Updates for DNS Security (DNSSEC) Trust Anchors (RFC 5011), DNS Security (DNSSEC) Hashed Authenticated Denial of Existence (RFC 5155) and HMAC SHA TSIG Algorithm Identifiers (RFC 4635).
(3) The FIPS standards and NIST guidelines incorporated into the updated recommendations include: The Keyed-Hash Message Authentication Code (HMAC) (FIPS 198-1), Digital Signature Standard (FIPS 186-3) and Recommendations for Key Management (SP 800-57P1 & SP 800-57P3).
(4) Illustration of Secure configuration examples using DNS Software offering NSD, in addition to BIND.
Zdroj: http://csrc.ncsl.nist.gov/publications/drafts/800-81-rev1/NIST_SP-800-81-Rev1_draft.pdfAutor: JP
Heuristické vyhledání souvisejících článků v archívu NEWS
Pozor - není zdaleka přesné a výsledek je bez záruky...
Chcete-li článek obsahující konkrétní termín - pou·ijte funkci
vyhledávání !