logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 8645700 B1

PDFFull Text
Date of Patent:
Feb. 04, 2014

Filed:

Apr. 29, 2011

Dnssec inline signing

Applicants:

David Smith, Arlington, VA (US);

James Gould, Leesburg, VA (US);

Tarik Essawi, Leesburg, VA (US);

David Blacka, Reston, VA (US);

Srikanth Veeramachaneni, South Riding, VA (US);

Inventors:

David Smith, Arlington, VA (US);

James Gould, Leesburg, VA (US);

Tarik Essawi, Leesburg, VA (US);

David Blacka, Reston, VA (US);

Srikanth Veeramachaneni, South Riding, VA (US);

Assignee:

Verisign, Inc., Reston, VA (US);

Attorney:

MH2 Technology Law Group LLP

Primary Examiner:

Kaveh Abrishamkar

Int. Cl.
CPC ...
H04L 9/32 (2006.01);
U.S. Cl.
CPC ...
Abstract

Systems and methods of performing incremental DNSSEC signing at a registry are described in which digital signature operations may be performed as part of a single transaction including DNS add, update, and/or delete operations and the like. Exemplary methods may include receiving a domain command from a requester, the domain command including an identifier of a domain. The received domain command may be executed with respect to data stored by the registry for the domain. As part of an individual transaction including the execution of the domain command, the registry may also sign DNSSEC records for the domain using a private key of an authoritative server. After the DNSSEC records have been signed, the registry may incrementally publish the signed DNSSEC records to a separate server. Exemplary methods may also include 'took-aside' operations in which, for example, add, update, and/or delete operations may be executed on data stored in a registry database and reported to a requester, prior to applying digital-signatures to the DNSSEC data. After reporting that the instructions have been executed, the registry may generate a digital signature based on the add, update, and/or delete changes, and commit the digital signature to a registry resolution database.

Find Patent Forward Citations

Loading…