DNSKEY
DNSSEC is a protocol ↗ that adds a layer of security to the domain name system (DNS). DNSSEC does this by providing authentication through public signing keys using two DNS records: DNSKEY and DS. They can be used to verify DNSSEC signatures in RRSIG records ↗.
1.1.1.1 supports the following signature algorithms:
- RSA/SHA-1
- RSA/SHA-256
- RSA/SHA-512
- RSASHA1-NSEC3-SHA1
- ECDSA Curve P-256 with SHA-256 (ECDSAP256SHA256)
- ECDSA Curve P-384 with SHA-384 (ECDSAP384SHA384)
- ED25519
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark