This guide provides introductory information on how DNSSEC works, how to configure name servers to support some common DNSSEC features, as well as some basic troubleshooting tips. The chapters are organized as such:
Chapter 1, Introduction covers the intended audience for this document, assumed background knowledge, and a basic introduction to the topic of DNSSEC.
Chapter 2, Getting Started covers various requirements that are needed before implementing DNSSEC, such as software versions, hardware capacity, network requirements, and security changes.
Chapter 3, Validation walks through setting up a validating resolver, more information on the validation process, as well as examples of using tools to verify that the resolver is validating answers.
Chapter 4, Signing walks through setting up a basic signed authoritative zone, explains the relationship with the parent zone, and on-going maintenance tasks.
Chapter 5, Basic Troubleshooting provides some tips on how to analyze and diagnose DNSSEC-related problems.
Chapter 6, Advanced Discussions covers several topics, from key generation, key storage, key management, NSEC and NSEC3, to disadvantages of DNSSEC.
Chapter 7, Recipes provides several working examples of common solutions, with step-by-step details.
Chapter 8, Commonly Asked Questions lists some commonly asked questions and answers about DNSSEC.