6. 参考文献
6. 参考文献
本节列出本文档引用的规范性和信息性参考文献. 为保持引用可核验性, 文献条目的作者姓名, 英文题名, 出版物名称, RFC 编号, DOI, URL 和日期等元数据按原文保留. 中文说明用于标明这些条目是协议规范, 标准文档, 实现资料或背景资料, 读者可据此追溯原始来源.
规范性引用包括 DNSSEC 基础规范, CDS/CDNSKEY 和 CSYNC 处理规则, EPP, DNSSEC 操作实践, 以及经认证信号进行自动 DNSSEC 引导的规范. 资料性引用提供 DS 自动化建议, IANA 注册表, 相关测量研究和多签名 DNSSEC 模型背景.
为保持引用条目的可核验性, 下列作者姓名, 英文题名, RFC 编号, DOI, Internet-Draft 名称, 会议名称和发布日期均按原文保留. 中文说明仅用于帮助读者理解这些资料在本文中的作用: 前半部分是实现自动化 DNSSEC delegation maintenance 所依赖的规范, 后半部分是部署经验, 操作建议和测量背景.
6.1. 规范性引用
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997.
[RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and S. Rose, "DNS Security Introduction and Requirements", RFC 4033, DOI 10.17487/RFC4033, March 2005.
[RFC4034] Arends, R., Austein, R., Larson, M., Massey, D., and S. Rose, "Resource Records for the DNS Security Extensions", RFC 4034, DOI 10.17487/RFC4034, March 2005.
[RFC4035] Arends, R., Austein, R., Larson, M., Massey, D., and S. Rose, "Protocol Modifications for the DNS Security Extensions", RFC 4035, DOI 10.17487/RFC4035, March 2005.
[RFC5730] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)", STD 69, RFC 5730, DOI 10.17487/RFC5730, August 2009.
[RFC7344] Kumari, W., Gudmundsson, O., and G. Barwood, "Automating DNSSEC Delegation Trust Maintenance", RFC 7344, DOI 10.17487/RFC7344, September 2014.
[RFC7477] Hardaker, W., "Child-to-Parent Synchronization in DNS", RFC 7477, DOI 10.17487/RFC7477, March 2015.
[RFC8078] Gudmundsson, O. and P. Wouters, "Managing DS Records from the Parent via CDS/CDNSKEY", RFC 8078, DOI 10.17487/RFC8078, March 2017.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017.
[RFC9364] Hoffman, P., "DNS Security Extensions (DNSSEC)", BCP 237, RFC 9364, DOI 10.17487/RFC9364, February 2023.
[RFC9615] Thomassen, P. and N. Wisiol, "Automatic DNSSEC Bootstrapping Using Authenticated Signals from the Zone's Operator", RFC 9615, DOI 10.17487/RFC9615, July 2024.
6.2. 资料性引用
[DS-AUTOMATION] Sheng, S. and P. Thomassen, "Operational Recommendations for DNSSEC Delegation Signer (DS) Automation", Work in Progress, Internet-Draft, draft-ietf-dnsop-ds-automation-09, 22 May 2026.
[DS-IANA] IANA, "DNSSEC Delegation Signer (DS) Resource Record (RR) Type Digest Algorithms".
[LAME1] Akiwate, G., et al., "Unresolved Issues: Prevalence, Persistence, and Perils of Lame Delegations", IMC '20.
[LAME2] Akiwate, G., et al., "Risky BIZness: risks derived from registrar name management", IMC '21.
[RFC6781] Kolkman, O., Mekking, W., and R. Gieben, "DNSSEC Operational Practices, Version 2", RFC 6781, DOI 10.17487/RFC6781, December 2012.
[RFC8901] Huque, S., Aras, P., Dickinson, J., Vcelak, J., and D. Blacka, "Multi-Signer DNSSEC Models", RFC 8901, DOI 10.17487/RFC8901, September 2020.
[RFC9499] Hoffman, P. and K. Fujiwara, "DNS Terminology", BCP 219, RFC 9499, DOI 10.17487/RFC9499, March 2024.