Have you wished you had a quick reference card to remember the DNSSEC options to use with “dig”? Or to configure your DNS server to support DNSSEC? Or needed to know the mapping between an algorithm name and number when entering DS records?
If so, Jan-Piet Mens has created just the document to help you out. His DNSSEC reference card is available for download. You can take it with you (it’s now on my iPad) or print it out if you want to post it somewhere. (Office cubicle decoration, perhaps?)
Last updated just a bit ago in December 2011, it includes configuration information for the BIND, NSD, Unbound, and PowerDNS name servers, tips for using tools like dig and drill, and some other useful configuration information. As Jan-Piet writes:
The reference card is currently made up of three DIN-A5 sheets, and contains information on signing and serving zones authoritatively, TSIG signatures and SIG(0)-protected updates to a BIND name server, as well as some configuration hints for recursive servers.
He also states he is very open to feedback and so he’s looking for any comments and suggestions.
Thanks to Jan-Piet for creating such a useful document!