hw8 - duration of the TTL and then discarded. What should a...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
CS 217A: Homework 8 Due on Lixia Zhang
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CS 217A (Lixia Zhang ): Homework 8 Problem 1 Problem 1 According to the RFCs, what are the new record types added to DNS by DNSSEC? Problem 2 According to the RFCs, what are the 3 “Services” provided by DNSSEC. Also give a a brief (1 - 2 sentences in your own words ) description of each? Problem 3 When a DNSSEC zone contains delegation records (NS records) for another zone, does it sign those records along with its own? Why or why not? Problem 4 According to the RFCs, how does DNSSEC protect DNS against DoS attacks (if at all)? Problem 5 Specifically, how does a security-aware resolver signal to a security-aware nameserver that it would like DNSSEC to be used for the reply to its query? Problem 6 Assume a security-aware caching resolver receives a DNS RRset at time t 0 with signatures on it that expire at time t 1 (where t 0 < t 1 ), and the RRset’s TTL is n . According to DNS, RRsets should be cached for the
Background image of page 2
Background image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: duration of the TTL and then discarded. What should a security aware resolver do if t + n > t 1 ? Problem 7 (Optional) In your own words, what purpose does the type bit maps eld serve in the NSEC resource record? Problem 8 (Optional) In your own words, describe the meaning of each eld in the DNSKEY resource record. Problem 9 In your own words, what is the purpose of the key tag in the RRSIG resource record? While it is a required eld in the wire format, would it be possible to write a security-aware resolver that didnt use this eld? Page 1 of 2 CS 217A (Lixia Zhang ): Homework 8 Problem 10 Problem 10 (Optional) In your own words, why does the RRSIG resource record need to have the original TTL eld, and why cant the TTL eld that all RRsets have in them be used instead? Page 2 of 2...
View Full Document

This note was uploaded on 01/20/2012 for the course CS 217 taught by Professor Staff during the Winter '08 term at UCLA.

Page1 / 3

hw8 - duration of the TTL and then discarded. What should a...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online