Information Series on DNS: Part 10

Abhijeet Modi/ September 19, 2021/ Blog

The following series of articles details information of DNS Records, we are covering each setting in the series, providing basic use and purpose.

What are NSEC3 Records, what are they used for, and how do they work?

Identified by RFC 5155, the NSEC3 records stand for the next secure record version 3. As the name suggests, these records have the same functionality and features as the NSEC records with the only difference being the fact that these records are associated with the cryptographically hashed records. It points the user to the next record name and presents the detailed list of the records available for the particular name in the zone.

What are NSEC3PARAM Records, what are they used for, and how do they work?

The NSEC3PARAM records are identified by RFC 5155 and they are mainly used by the DNS servers to figure out which kinds of NSEC3 records must be added in order to give the response to the DNNSEC requests. These records consist of the parameters required by the authoritative server for finding out the name and details of the hashed owners. Unlike other types of records, the NSEC3PARAM records are not utilized by the resolvers.

What are OPENPGPKEY records, what are they used for, and how do they work?

OPENPGPKEY is one of the famous DNS records that send PGP public keys for emails. The main issue with the PGP is the key distribution. The authentication of the key, as well as its delivery, are the two main areas that the OPENPGPKEY fixes. These records ensure that the user is utilizing the right key for the mail encryption. All the rules regarding how the OPENPGPKEY is used and what exactly does it cater to are mentioned in RFC 7929. This record stores the public key on the DNS server.

Share this Post