Full metadata record
DC poleHodnotaJazyk
dc.contributor.authorHunek, Martin
dc.contributor.authorPlíva, Zdeněk
dc.contributor.editorPinker, Jiří
dc.date.accessioned2019-10-17T09:23:56Z
dc.date.available2019-10-17T09:23:56Z
dc.date.issued2018
dc.identifier.citation2018 International Conference on Applied Electronics: Pilsen, 11th – 12th September 2018, Czech Republic, 52-54.en
dc.identifier.isbn978–80–261–0721–7
dc.identifier.issn1803–7232
dc.identifier.urihttp://hdl.handle.net/11025/35469
dc.format4 s.cs
dc.format.mimetypeapplication/pdf
dc.language.isoenen
dc.publisherZápadočeská univerzita v Plznics
dc.rights© Západočeská univerzita v Plznics
dc.subjectIPv6cs
dc.subjectNAT64cs
dc.subjectDNS64cs
dc.subjectDNSSECcs
dc.titleDNSSEC in the networks with a NAT64/DNS64en
dc.typekonferenční příspěvekcs
dc.typeconferenceObjecten
dc.rights.accessopenAccessen
dc.type.versionpublishedVersionen
dc.description.abstract-translatedThis paper describes the problems with using both Domain Name System Security (DNSSEC) (security extension to domain name system) validating Domain Name System (DNS) resolvers and NAT64/DNS64 transition mechanism. In this paper we also propose a solution how to solve the problem of such combination. The foreign (synthesized) AAAA record as well as the broken trust chain in such records in secure way which doesn't breach DNSSEC. A current widely used solution comes from RFC 7050 [1] with conjunction with RFC 6146 [2] and RFC 6147 [3]. In such case the end node will detect Domain Name System 6-to-4 (DNS64) by asking for well-known Internet Protocol version 4 (IPv4) only domain, if detected end node would disable DNSSEC validation. This solves previously mentioned problem of foreign AAAA record and such domain would be reachable. However this also brakes DNSSEC validation and it does not allow operator to control over the prefix preference. Our proposed solution supplies the end node with secondary DNSSEC chain to validate DNS64 synthesized records from information already presented to the node by Neighbor Discovery or Dynamic Host Configuration Protocol version 6 (DHCPv6), in the way that network operator can have a control over the prefixes and DNS resolvers used by the end node for NAT64/DNS64 transition mechanism.en
dc.subject.translatedIPv6en
dc.subject.translatedNAT64en
dc.subject.translatedDNS64en
dc.subject.translatedDNSSECen
dc.type.statusPeer-revieweden
Vyskytuje se v kolekcích:Applied Electronics 2018
Applied Electronics 2018

Soubory připojené k záznamu:
Soubor Popis VelikostFormát 
Hunek.pdfPlný text476,64 kBAdobe PDFZobrazit/otevřít


Použijte tento identifikátor k citaci nebo jako odkaz na tento záznam: http://hdl.handle.net/11025/35469

Všechny záznamy v DSpace jsou chráněny autorskými právy, všechna práva vyhrazena.