{"id":4397,"date":"2020-10-30T22:05:08","date_gmt":"2020-10-30T21:05:08","guid":{"rendered":"https:\/\/webhosting.de\/?p=4397"},"modified":"2020-10-30T22:05:08","modified_gmt":"2020-10-30T21:05:08","slug":"dnssec","status":"publish","type":"post","link":"https:\/\/webhosting.de\/da\/dnssec\/","title":{"rendered":"dnssec"},"content":{"rendered":"<h2>Udvidelser af dom\u00e6nenavnesystemets sikkerhed<\/h2>\n<p>dnssec er et s\u00e6t standarder i den <a href=\"https:\/\/webhosting.de\/da\/flexoptix-universal-transceiver\/\">Internet<\/a>som giver en garanti for sikkerhedsmekanismer. Disse er ogs\u00e5 underlagt \u00e6gtheden og integriteten af de <a href=\"https:\/\/webhosting.de\/da\/personenbezogene-daten-sozialen-netzwerken\/\">Data<\/a>. En deltager i dnssec kan verificere visse zonedata. Dette kan ogs\u00e5 kontrollere, om DNS-zonedataene er identiske med de data, som en opretter er godkendt af zonen.<\/p>\n<h2>Ingen kryptering af dataene<\/h2>\n<p>dnssec blev udviklet for at bek\u00e6mpe cacheforgiftning. Digitale signaturer er sikret under transmissionen af ressourceposter. Autentificering finder aldrig sted p\u00e5 serverne eller p\u00e5 klienterne. Med dnssec krypteres der ingen data. Det asymmetriske kryptosystem. Ejeren af en bestemt oplysning kaldes master-serveren. Den zone, der skal sikres, er ogs\u00e5 placeret der. Hver enkelt post er signeret med en privat n\u00f8gle eller en hemmelig n\u00f8gle. Autenticitet og integritet kan valideres med en offentlig n\u00f8gle. Udvidelsen EDNS foretr\u00e6kkes af dnssec. Der kan anvendes yderligere parametre med denne udvidelse. St\u00f8rrelsesbegr\u00e6nsningen p\u00e5 512 bytes er ogs\u00e5 oph\u00e6vet med denne udvidelse. Der er behov for l\u00e6ngere DNS-meddelelser, hvis der skal overf\u00f8res en n\u00f8gle eller en signatur.<\/p>\n<h2>Hvordan fungerer DNS?<\/h2>\n<p>I RR, dvs. Resource Record, stilles oplysninger til r\u00e5dighed p\u00e5 dnssec. Disse sikrer oplysningernes autenticitet med en digital signatur. Master-serveren i zonen er ejer af disse oplysninger. Dette er ogs\u00e5 autoritativt. For hver zone, der skal sikres, findes der en zoneafgr\u00e6nsningsn\u00f8gle, dvs. en zonen\u00f8gle. Parret best\u00e5r af en offentlig og en privat n\u00f8gle. Den offentlige del af zonens n\u00f8gle er inkluderet i zonefilen som en DNSKEY-ressourcepost. Den private n\u00f8gle sikrer, at hver enkelt RR er digitalt signeret i zonen. Til dette form\u00e5l udfyldes en ressourcepost, som derefter er en RRSIG-ressourcepost. Denne indeholder signaturen for DNS-posten.<br \/>\nVed hver af disse transaktioner sendes en RRSIG-RR sammen med den normale ressourcepost. I tilf\u00e6lde af en overf\u00f8rsel i zonen modtager slaverne den f\u00f8rst. Dette lagres derefter i en cache, hvis opl\u00f8sningen er god. Den sidste, der modtager RR, er den revolver, der anmodede om den. Med den offentlige zonen\u00f8gle kan denne validere signaturen.<\/p>\n<h2>Evalueringen<\/h2>\n<p>Med dnssec er DNS-resolverne de endenheder, f.eks. en computer eller smartphone, som posterne ikke kan valideres p\u00e5. Stub-resolvere er simpelthen programmer, der kan l\u00f8se et navn fuldst\u00e6ndigt op. Ogs\u00e5 i en rekursiv navneserver. For at opl\u00f8se dette navn sender navneserveren en anmodning til en navneserver i det lokale netv\u00e6rk eller ogs\u00e5 i netv\u00e6rket for den <a href=\"https:\/\/webhosting.de\/da\/internetdienstanbieter-isp-2\/\">ISP<\/a>udtalte internetudbydere.<\/p>\n<p>Der s\u00e6ttes en DO-bit, som kan informere navneserverens resolver om, at posten skal valideres. Stub-resolveren skal dog underst\u00f8tte EDNS-udvidelsen af dnssec for at kunne g\u00f8re dette. P\u00e5 denne m\u00e5de kan serveren ogs\u00e5 sikres. Det betyder, at valideringen altid kan gennemf\u00f8res.<\/p>\n<p>Dette er uafh\u00e6ngigt af indholdet og tilstedev\u00e6relsen af DO-bitten. Hvis serveren returnerer en generel fejl, er der noget galt. Hvis det lykkedes, returnerer serveren et AD bit-svar. AD betyder autentificerede data. For en stub resolver er det umuligt at se, om fejlen skyldes den fejlslagne validering eller en anden \u00e5rsag. \u00c5rsagerne kan v\u00e6re en netv\u00e6rksfejl eller en fejl i navneserveren i det \u00f8nskede dom\u00e6nenavn.<\/p>","protected":false},"excerpt":{"rendered":"<p>Domain Name System Security Extensions Die dnssec ist eine Reihe von Standarten im Internet, die eine Gew\u00e4hrleistung von Sicherheitsmechanismen geben. Diese unterliegen auch der Authentizit\u00e4t und der Integrit\u00e4t der Daten. Ein Teilnehmer des dnssec kann bestimmte Zonendaten verifizieren. Dieser kann auch pr\u00fcfen ob die DNS-Zonendaten identisch sind mit denen die ein Ersteller von der Zone [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1197,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_crdt_document":"","inline_featured_image":false,"footnotes":""},"categories":[732],"tags":[],"class_list":["post-4397","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-lexikon"],"acf":[],"_wp_attached_file":null,"_wp_attachment_metadata":null,"litespeed-optimize-size":null,"litespeed-optimize-set":null,"_elementor_source_image_hash":null,"_wp_attachment_image_alt":null,"stockpack_author_name":null,"stockpack_author_url":null,"stockpack_provider":null,"stockpack_image_url":null,"stockpack_license":null,"stockpack_license_url":null,"stockpack_modification":null,"color":null,"original_id":null,"original_url":null,"original_link":null,"unsplash_location":null,"unsplash_sponsor":null,"unsplash_exif":null,"unsplash_attachment_metadata":null,"_elementor_is_screenshot":null,"surfer_file_name":null,"surfer_file_original_url":null,"envato_tk_source_kit":null,"envato_tk_source_index":null,"envato_tk_manifest":null,"envato_tk_folder_name":null,"envato_tk_builder":null,"envato_elements_download_event":null,"_menu_item_type":null,"_menu_item_menu_item_parent":null,"_menu_item_object_id":null,"_menu_item_object":null,"_menu_item_target":null,"_menu_item_classes":null,"_menu_item_xfn":null,"_menu_item_url":null,"_trp_menu_languages":null,"rank_math_primary_category":null,"rank_math_title":null,"inline_featured_image":null,"_yoast_wpseo_primary_category":null,"rank_math_schema_blogposting":null,"rank_math_schema_videoobject":null,"_oembed_049c719bc4a9f89deaead66a7da9fddc":null,"_oembed_time_049c719bc4a9f89deaead66a7da9fddc":null,"_yoast_wpseo_focuskw":"dnssec","_yoast_wpseo_linkdex":null,"_oembed_27e3473bf8bec795fbeb3a9d38489348":null,"_oembed_c3b0f6959478faf92a1f343d8f96b19e":null,"_trp_translated_slug_en_us":null,"_wp_desired_post_slug":null,"_yoast_wpseo_title":null,"tldname":null,"tldpreis":null,"tldrubrik":null,"tldpolicylink":null,"tldsize":null,"tldregistrierungsdauer":null,"tldtransfer":null,"tldwhoisprivacy":null,"tldregistrarchange":null,"tldregistrantchange":null,"tldwhoisupdate":null,"tldnameserverupdate":null,"tlddeletesofort":null,"tlddeleteexpire":null,"tldumlaute":null,"tldrestore":null,"tldsubcategory":null,"tldbildname":null,"tldbildurl":null,"tldclean":null,"tldcategory":null,"tldpolicy":null,"tldbesonderheiten":null,"tld_bedeutung":null,"_oembed_d167040d816d8f94c072940c8009f5f8":null,"_oembed_b0a0fa59ef14f8870da2c63f2027d064":null,"_oembed_4792fa4dfb2a8f09ab950a73b7f313ba":null,"_oembed_33ceb1fe54a8ab775d9410abf699878d":null,"_oembed_fd7014d14d919b45ec004937c0db9335":null,"_oembed_21a029d076783ec3e8042698c351bd7e":null,"_oembed_be5ea8a0c7b18e658f08cc571a909452":null,"_oembed_a9ca7a298b19f9b48ec5914e010294d2":null,"_oembed_f8db6b27d08a2bb1f920e7647808899a":null,"_oembed_168ebde5096e77d8a89326519af9e022":null,"_oembed_cdb76f1b345b42743edfe25481b6f98f":null,"_oembed_87b0613611ae54e86e8864265404b0a1":null,"_oembed_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_oembed_time_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_tldname":null,"_tldclean":null,"_tldpreis":null,"_tldcategory":null,"_tldsubcategory":null,"_tldpolicy":null,"_tldpolicylink":null,"_tldsize":null,"_tldregistrierungsdauer":null,"_tldtransfer":null,"_tldwhoisprivacy":null,"_tldregistrarchange":null,"_tldregistrantchange":null,"_tldwhoisupdate":null,"_tldnameserverupdate":null,"_tlddeletesofort":null,"_tlddeleteexpire":null,"_tldumlaute":null,"_tldrestore":null,"_tldbildname":null,"_tldbildurl":null,"_tld_bedeutung":null,"_tldbesonderheiten":null,"_oembed_ad96e4112edb9f8ffa35731d4098bc6b":null,"_oembed_8357e2b8a2575c74ed5978f262a10126":null,"_oembed_3d5fea5103dd0d22ec5d6a33eff7f863":null,"_eael_widget_elements":null,"_oembed_0d8a206f09633e3d62b95a15a4dd0487":null,"_oembed_time_0d8a206f09633e3d62b95a15a4dd0487":null,"_aioseo_description":null,"_eb_attr":null,"_eb_data_table":null,"_oembed_819a879e7da16dd629cfd15a97334c8a":null,"_oembed_time_819a879e7da16dd629cfd15a97334c8a":null,"_acf_changed":null,"_wpcode_auto_insert":null,"_edit_last":null,"_edit_lock":null,"_oembed_e7b913c6c84084ed9702cb4feb012ddd":null,"_oembed_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_time_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_03514b67990db061d7c4672de26dc514":null,"_oembed_time_03514b67990db061d7c4672de26dc514":null,"rank_math_news_sitemap_robots":"index","rank_math_robots":["index"],"_eael_post_view_count":"3870","_trp_automatically_translated_slug_ru_ru":null,"_trp_automatically_translated_slug_et":"dnssec","_trp_automatically_translated_slug_lv":"dnssec","_trp_automatically_translated_slug_fr_fr":null,"_trp_automatically_translated_slug_en_us":null,"_wp_old_slug":null,"_trp_automatically_translated_slug_da_dk":null,"_trp_automatically_translated_slug_pl_pl":null,"_trp_automatically_translated_slug_es_es":null,"_trp_automatically_translated_slug_hu_hu":null,"_trp_automatically_translated_slug_fi":"dnssec","_trp_automatically_translated_slug_ja":"%e3%83%87%e3%82%a3%e3%83%bc%e3%82%a8%e3%83%8c%e3%82%b7%e3%83%bc%e3%82%bb%e3%83%83%e3%82%af","_trp_automatically_translated_slug_lt_lt":null,"_elementor_edit_mode":null,"_elementor_template_type":null,"_elementor_version":null,"_elementor_pro_version":null,"_wp_page_template":"default","_elementor_page_settings":null,"_elementor_data":null,"_elementor_css":null,"_elementor_conditions":null,"_happyaddons_elements_cache":null,"_oembed_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_time_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_3efb2c3e76a18143e7207993a2a6939a":null,"_oembed_time_3efb2c3e76a18143e7207993a2a6939a":null,"_oembed_59808117857ddf57e478a31d79f76e4d":null,"_oembed_time_59808117857ddf57e478a31d79f76e4d":null,"_oembed_965c5b49aa8d22ce37dfb3bde0268600":null,"_oembed_time_965c5b49aa8d22ce37dfb3bde0268600":null,"_oembed_81002f7ee3604f645db4ebcfd1912acf":null,"_oembed_time_81002f7ee3604f645db4ebcfd1912acf":null,"_elementor_screenshot":null,"_oembed_7ea3429961cf98fa85da9747683af827":null,"_oembed_time_7ea3429961cf98fa85da9747683af827":null,"_elementor_controls_usage":null,"_elementor_page_assets":[],"_elementor_screenshot_failed":null,"theplus_transient_widgets":["tp-video-player"],"_eael_custom_js":null,"_wp_old_date":null,"_trp_automatically_translated_slug_it_it":null,"_trp_automatically_translated_slug_pt_pt":null,"_trp_automatically_translated_slug_zh_cn":null,"_trp_automatically_translated_slug_nl_nl":null,"_trp_automatically_translated_slug_pt_br":null,"_trp_automatically_translated_slug_sv_se":null,"rank_math_analytic_object_id":"845","rank_math_internal_links_processed":null,"_trp_automatically_translated_slug_ro_ro":null,"_trp_automatically_translated_slug_sk_sk":null,"_trp_automatically_translated_slug_bg_bg":null,"_trp_automatically_translated_slug_sl_si":null,"litespeed_vpi_list":["webhostinglogo.png"],"litespeed_vpi_list_mobile":["webhostinglogo.png"],"rank_math_seo_score":null,"rank_math_contentai_score":null,"ilj_limitincominglinks":null,"ilj_maxincominglinks":null,"ilj_limitoutgoinglinks":null,"ilj_maxoutgoinglinks":null,"ilj_limitlinksperparagraph":null,"ilj_linksperparagraph":null,"ilj_blacklistdefinition":null,"ilj_linkdefinition":["dnssec"],"_eb_reusable_block_ids":null,"rank_math_focus_keyword":"dnssec","rank_math_og_content_image":null,"_yoast_wpseo_metadesc":"","_yoast_wpseo_content_score":null,"_yoast_wpseo_focuskeywords":null,"_yoast_wpseo_keywordsynonyms":null,"_yoast_wpseo_estimated-reading-time-minutes":null,"rank_math_description":null,"surfer_last_post_update":null,"surfer_last_post_update_direction":null,"surfer_keywords":null,"surfer_location":null,"surfer_draft_id":null,"surfer_permalink_hash":null,"surfer_scrape_ready":null,"_thumbnail_id":"1197","footnotes":null,"_links":{"self":[{"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/posts\/4397","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/comments?post=4397"}],"version-history":[{"count":0,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/posts\/4397\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/media\/1197"}],"wp:attachment":[{"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/media?parent=4397"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/categories?post=4397"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhosting.de\/da\/wp-json\/wp\/v2\/tags?post=4397"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}