TSIG (Transaction SIGnature) is a computer networking protocol. It provides a means of authenticating updates to a dynamic Domain Name System (DNS) database. TSIG uses shared secret keys and one-way hashing to provide a cryptographically secure means of identifying each endpoint of a connection as being allowed to make or respond to a DNS update.
Although DNS queries may be made anonymously (but see DNSSEC), updates to DNS must be authenticated, since they make lasting changes to the structure of the Internet naming system. A key shared by the client making the update and the DNS server lets the server confirm that the update request came from a holder of that key. Because the update request may pass over an insecure channel (the Internet), a one-way hashing function keyed with the secret is used, so that a malicious observer who sees the signed request cannot recover the secret key and use it to make modifications of its own.
RFC 2845 specifies only one allowed hashing function, HMAC-MD5, which is no longer considered to be highly secure. In 2003, RFC 3645 proposed allowing the Generic Security Service (GSS) to provide alternative hashing functions. As of 2006, proposals were being circulated to allow RFC 3174 Secure Hash Algorithm (SHA) hashing to replace MD5; the longer keys and digests used with SHA are believed to provide greater security.
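The following is an added illustration of the mechanism the two paragraphs above describe, not code from the article or from any DNS implementation: a client computes an HMAC over the update message plus the TSIG variables (name, class, TTL, algorithm, time signed, fudge, error, other data, in the order RFC 2845 hashes them), and the server recomputes it with the same shared secret, compares in constant time, and rejects stale signatures outside the fudge window. The secret, key name, DNS message bytes and timestamp are constructed sample values; "hmac-md5.sig-alg.reg.int." is the algorithm identifier RFC 2845 assigns to HMAC-MD5, and the "hmac-sha256." entry is assumed here to stand for the SHA-based replacements the article mentions.

```python
import hashlib
import hmac
import struct

# Algorithm name -> hash constructor. "hmac-md5.sig-alg.reg.int." is the
# identifier RFC 2845 assigns to HMAC-MD5; the SHA-256 entry is an assumed
# stand-in for the SHA-based algorithms the article says were proposed.
ALGORITHMS = {
    "hmac-md5.sig-alg.reg.int.": hashlib.md5,
    "hmac-sha256.": hashlib.sha256,
}

# Constructed shared secret and key name. Real deployments generate the
# secret randomly and configure the same value on client and server.
SECRET = b"constructed-shared-secret-do-not-reuse"
KEY_NAME = "update-key.example."

# Constructed stand-in for the DNS UPDATE message as it is hashed (the TSIG
# RR removed and ARCOUNT decremented); a real message is a full wire packet.
MESSAGE = b"\x12\x34\x28\x00\x00\x01\x00\x00\x00\x01\x00\x00constructed-update"


def wire_name(name: str) -> bytes:
    """Canonical wire form of a DNS name: lowercase, uncompressed labels."""
    out = b"".join(bytes([len(label)]) + label.encode("ascii")
                   for label in name.lower().rstrip(".").split(".") if label)
    return out + b"\x00"


def tsig_variables(key_name, algorithm, time_signed, fudge, error=0, other=b""):
    """TSIG variables in the order RFC 2845 feeds them to the HMAC:
    NAME, CLASS (ANY=255), TTL (0), Algorithm Name, Time Signed (48 bits),
    Fudge, Error, Other Len, Other Data."""
    return (wire_name(key_name)
            + struct.pack("!HI", 255, 0)
            + wire_name(algorithm)
            + struct.pack("!HI", time_signed >> 32, time_signed & 0xFFFFFFFF)
            + struct.pack("!HHH", fudge, error, len(other))
            + other)


def sign(secret, key_name, algorithm, message, time_signed, fudge=300):
    """MAC the client attaches: HMAC(secret, message || TSIG variables)."""
    data = message + tsig_variables(key_name, algorithm, time_signed, fudge)
    return hmac.new(secret, data, ALGORITHMS[algorithm]).digest()


def verify(secret, key_name, algorithm, message, time_signed, fudge, mac, now):
    """Server-side check. Returns the TSIG error name RFC 2845 would report."""
    if algorithm not in ALGORITHMS:
        return "BADKEY"                          # unknown key or algorithm
    expected = sign(secret, key_name, algorithm, message, time_signed, fudge)
    if not hmac.compare_digest(expected, mac):   # constant-time comparison
        return "BADSIG"
    if abs(now - time_signed) > fudge:           # replay / clock-skew window
        return "BADTIME"
    return "NOERROR"


def demo():
    """Sign one constructed update and exercise the server-side outcomes."""
    alg = "hmac-md5.sig-alg.reg.int."
    t = 1_700_000_000  # constructed "time signed" (seconds since epoch)
    mac = sign(SECRET, KEY_NAME, alg, MESSAGE, t)
    return {
        "mac_len": len(mac),
        "fresh": verify(SECRET, KEY_NAME, alg, MESSAGE, t, 300, mac, t + 10),
        "tampered": verify(SECRET, KEY_NAME, alg, MESSAGE + b"x", t, 300, mac, t + 10),
        "wrong_key": verify(b"other-secret", KEY_NAME, alg, MESSAGE, t, 300, mac, t + 10),
        "replayed": verify(SECRET, KEY_NAME, alg, MESSAGE, t, 300, mac, t + 3600),
        "unknown_alg": verify(SECRET, KEY_NAME, "hmac-fake.", MESSAGE, t, 300, mac, t),
        "sha256_len": len(sign(SECRET, KEY_NAME, "hmac-sha256.", MESSAGE, t)),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The observer on the insecure channel sees the message, the TSIG variables and the 16-byte (MD5) or 32-byte (SHA-256) MAC, but not the secret; inverting the HMAC to recover it is what the one-way property rules out. The fudge check is why clock synchronisation matters operationally: a server whose clock drifts more than the fudge value will answer BADTIME to every legitimate client.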
External links
RFC 2845 Secret Key Transaction Authentication for DNS (TSIG)
RFC 3645 Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG)