发明名称 |
DNSSEC SIGNING SERVER |
摘要 |
Systems and methods for performing DNSSEC signing are described in which digital signature operations may be performed by a network accessible signing server that is configured to interact with a separate client application. Exemplary methods may include receiving a signing request at the signing server from the client application to sign first data. The signing server may determine an active KSK and/or an active ZSK for the first data. The first data may then be transmitted by the signing server to a digital signature modules, which may include, for example, a hardware support module, or software signing applications. The signing server may receive a digitally signed version of the first data from the digital signature module, and provide the signed first data to the client application. |
申请公布号 |
US2015372822(A1) |
申请公布日期 |
2015.12.24 |
申请号 |
US201514841080 |
申请日期 |
2015.08.31 |
申请人 |
VERISIGN, INC. |
发明人 |
Smith David;Gould James;Lavu Ramana;Deshpande Deepak |
分类号 |
H04L9/32 |
主分类号 |
H04L9/32 |
代理机构 |
|
代理人 |
|
主权项 |
1. A DNSSEC signing server configured to interact with at least one DNSSEC client application and a plurality of digital signature modules, the DNSSEC signing server comprising:
a processor; and a storage device including computer readable code that, when executed by the processor, causes the signing server act as an authoritative server to:
receive a signing request from the at least one client application to sign first data;determine at least one of an active KSK and an active ZSK for the first data;transmit the first data to one of the plurality of digital signature modules; receive a digitally signed version of the first data, from the digital signature module; and
provide the signed first data, to the client application. |
地址 |
RESTON VA US |