Information Series on DNS: Part 3

Abhijeet Modi/ September 10, 2021/ Blog

The following series of articles details information of DNS Records, we are covering each setting in the series, providing basic use and purpose.

What are CDS Records, what are they used for, and how do they work?

CDS is similar to the CDNSKEY records, with the only difference being the fact that it is the child copy of DS records. Specified as RFC 7344, the CDS records act as the source that automates DS’s key rotation. This key rotation makes it easier for the domain to implement the best security protocols that support seamless interaction between different parties. That’s what the CDS records help you achieve. The records automate the key rotation and make the management of the domains and subdomains a whole lot easier. If the registry supports the CDS records, you will not need the domain registrar for the domain registration requirements.

What are CERT Records, what are they used for, and how do they work?

Specified by RFC 4398, the CERT records are used for keeping the DNS certificates. These records store PGP, SPKI, and other types of DNS certificates. To ensure secure interaction between two parties, it is important to store the information about the sender and the recipient. That’s what the CERT records do.

In addition to that, the CERT records provide you with the latest information about the certificates. It also sends notifications when the particular domain certificate is invalid. The records are mainly used by the healthcare industry that needs to protect the sensitive information of the patients. The main purpose of the CERT records is to guarantee security in the interactions between multiple parties.

What are CNAME Records, what are they used for, and how do they work?

The Canonical Name records are used for creating an alias on a name to another. Suppose you have type.com and www.type.com and they both direct your users to the same website. It will be super difficult and chaotic for the domain owner to create separate records for these addresses, so they can choose the CNAME record to alias the type.com to the www.type.com. Now, the CNAME record created for either of these addresses will point your visitors to the main website only. You no longer have to maintain separate DNS records for both addresses. Should you need to make any changes to your website, you can make changes only once and they will automatically be updated on the other address too.

Share this Post