[1] MOCKAPETRIS P. RFC 1034: Domain Names-Concepts and Facilities[EB/OL]. [2019-07-16]. https://tools.ietf.org/html/rfc1034.
[2] MOCKAPETRIS P. RFC 1035: Domain Names-Implementation and Specification[EB /OL]. [2019-07-16]. https://tools.ietf.org/html/rfc1035.
[3] 于世梁. 由“棱镜”计划反思我国信息网络安全[J]. 湖北行政学院学报, 2013(5):88-92.
[4] 胡宁,邓文平,姚苏. 互联网DNS安全研究现状与挑战[J]. 网络与信息安全学报, 2017,3(3):13-21.
[5] HU Z, ZHU L, HEIDEMANN J, et al. RFC 7858: Specification for DNSOver Transport Layer Security (TLS)[EB/OL]. [2019-07-16]. https://tools.ietf.org/html/rfc7858.
[6] HOFFMAN P, MCMANUS P. RFC 8484: DNS Queries Over HTTPS (DoH)[EB/OL]. [2019-07-16]. https://tools.ietf.org/html/rfc8484.
[7] CARLO C, WILMER G, DAVID L et al. RFC 7871: Client Subnet in DNS Queries[EB/OL]. [2019-07-16]. https://tools.ietf.org/html/rfc7871.
[8] REDDY T, WING D, PATIL P. RFC 8094: DNS Over Datagram Transport Layer Security (DTLS)[EB/OL]. [2019-07-16]. https://tools.ietf.org/html/rfc8094.
[9] DNSCurve. DNSCurve: Usable Security for DNS[EB/OL]. 〖JP4〗(2009-06-22)[2019-07-16]. https://dnscurve.org/index.html.
[10]DEMPSKY M. DNSCurve: Link-level Security for the Domain Name System[EB/OL]. (2010-02-26)[2019-07-16]. https://tools.ietf.org/html/draft-dempsky-dnscurve-01.
[11]ARENDS R, AUSTEIN R, LARSON M, et al. RFC 4033: DNS Security Introduction and Requirements[EB/OL]. [2019-07-16]. https://tools.ietf.org/html/rfc4033.
[12]ARENDS R, AUSTEIN R, LARSON M, et al. RFC 4034: Resource Records for the DNS Security Extensions[EB/OL]. [2019-07-16]. https://tools.ietf.org/html/rfc4034.
[13]ARENDS R, AUSTEIN R, LARSON M, et al. RFC 4035: Protocol Modifications for the DNS Security Extensions[EB/OL]. [2019-07-16]. https://tools.ietf.org/html/rfc4035.
[14]许成喜,胡荣贵,施凡,等. Kaminsky域名系统缓存投毒防御策略研究[J]. 计算机工程, 2013,39(1):12-17.
[15]SCHNEIDER D. How a Recently Discovered Flaw in the Internet’s Domain Name System Makes It Easy for Scammers to Lure You to Fake Web Sites[EB/OL]. (2008-10-01)[2019-07-16]. http://spectrum.ieee.org/computing/software/fresh-phish.
[16]LIAN W, RESCORLA E, SHACHAM H, el a1. Measuring the practical impact of DNSSEC deployment[C]// USENIX Security 2013. 2013:573-588.
[17]STEPHANE B, PAUL H. RFC7816BIS-02: DNS Query Name Minimisation to Improve Privacy[EB/OL]. [2019-07-16]. https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc7816bis/.
[18]STEVE K C. Assuring data privacy compliance[J]. Information Systems Control Journal, 2004.
[19]FEDERRATH H, FUCHS K P, HERRMANN D, et al. Privacy-preserving DNS: Analysis of broadcast, range queries and mix-based protection methods[C]// The 16th European Symposium on Research in Computer Security. 2011:665-683.
[20]BLADWIN R, COX G, DOWELL C, el al. RFC 6101: The Secure Sockets Layer (SSL) Protocol Version 3.0[EB/OL]. [2019-07-16]. https://tools.ietf.org/html/rfc6101.
[21]ALLEN C, ABADI M, BELLOVIN S M, el al. RFC 5246: The Transport Layer Security(TLS) Protocol Version 1.2[EB/OL]. [2019-07-16]. https://tools.ietf.org/html/rfc5246.
[22]JIN Y, TOMOISHI M, YAMAI N. An advanced client based DNSSEC validation and preliminary evaluations toward realization[C]// 2016 International Conference on Information and Communication Technology Convergence. 2016:178-183.
[23]ZHU L, HU Z, HEIDIMANN J, et al. Connection-oriented DNS to improve privacy and security[C]// ACM Conference on SIGCOMM. 2014. |