SSHFP : SSH Public Key Fingerprint ( RFC 4255)
Resource record for publishing SSH public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host. |
DNSKEY : DNS Key record ( RFC 4034)
The key record used in DNSSEC. Uses the same format as the KEY record. |
A : address record ( RFC 1035)
Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but also used for DNSBLs, storing subnet masks in RFC 1101, etc. |
SIG : Signature ( RFC 2535)
Signature record used in SIG(0) (RFC 2931). Until RFC 3755 was published, the SIG record was part of DNSSEC; now RRSIG is used for that. |
OPT : Option ( RFC 2671)
This is a 'pseudo DNS record type' needed to support EDNS |
AXFR : Full Zone Transfer ( RFC 1035)
Transfer entire zone file from the master name server to secondary name servers. |
TXT : Text record ( RFC 1035)
Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data, such as specified by RFC 1464, opportunistic encryption, Sender Policy Framework, DomainKeys, DNS-SD, etc. |
DS : Delegation signer ( RFC 4034)
The record used to identify the DNSSEC signing key of a delegated zone |
TKEY : Transaction Key ( RFC 2930)
One way of providing a key to be used with TSIG |
SOA : start of authority record ( RFC 1035)
Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone. |
KEY : Key record ( RFC 4034)
Used only for TKEY (RFC 2930). Before RFC 3755 was published, this was also used for DNSSEC, but DNSSEC now uses DNSKEY. |
NSEC3PARAM : NSEC3 parameters ( RFC 5155)
Parameter record for use with NSEC3 |
PTR : pointer record ( RFC 1035)
Pointer to a canonical name. Unlike a CNAME, DNS processing does NOT proceed, just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD. |
CNAME : Canonical name record ( RFC 1035)
Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name. |
DNAME : delegation name ( RFC 2672)
DNAME will delegate an entire portion of the DNS tree under a new name. In contrast, the CNAME record creates an alias of a single name. Like the CNAME record, the DNS lookup will continue by retrying the lookup with the new name. |
NSEC3 : NSEC record version 3 ( RFC 5155)
An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking |
RRSIG : DNSSEC signature ( RFC 4034)
Signature for a DNSSEC-secured record set. Uses the same format as the SIG record. |
CERT : Certificate record ( RFC 4398)
Stores PKIX, SPKI, PGP, etc. |
