|  Ana Sayfa
Yardım

Alan Adları Yardım

What is the DNSSEC chain of trust?

The DNSSEC (Domain Name System Security Extensions) chain of trust is a verified electronic signature, or handshake, at each DNS lookup node. In other words, it is a chain of lookups validated by the domain name's digital signature that secures the request through all lookup nodes. This ensures that no rogue or illicit player can slip into the lookup path and redirect the lookup to a bogus site.

Here's an example of using your browser to visit coolexample.org:

  1. Your lookup request goes to the domain name's root server and asks for the location of .org domain names. The root server, which is DNSSEC-aware, indicates the registry for .org domain extensions, PIR.
  2. The lookup asks PIR, the .org domain name registry and currently DNSSEC-aware, for the location of coolexample.org.
  3. PIR points the lookup to the authoritative DNS server for coolexample.org. This authoritative nameserver must also be DNSSEC-aware to continue the chain.
  4. The authoritative DNS server provides the requested address to you and your computer.

From your local computer to the authoritative nameserver for the requested URL and back, a digital signature (or handshake) at each node insures that your request provides the website you requested and that the request is not intercepted by rogue operators along the way.


Bu Makale Yardımcı Oldu mu?
Geri bildiriminiz için teşekkür ederiz. Müşteri hizmetleri temsilcisiyle görüşmek için lütfen destek telefon numarasını veya yukarıdaki sohbet seçeneğini kullanın.
Yardımcı olabildiysek ne mutlu bize! Sizin için yapabileceğimiz başka bir şey var mı?
Bunun için üzgünüz. Kafanızı neyin karıştırdığını veya çözümün problemi neden gidermediğini bize belirtin.