# DNS (Domain Name System)
Status: public
Confidence: medium (0.795) (verified)
Last verified: 2026-05-30
Generation: human_only


## TL;DR

DNS is the Internet's distributed naming system. It maps names into typed resource records through a hierarchy of zones, name servers, and resolvers. DNSSEC extends the base system with cryptographic checks for origin authentication and data integrity, while leaving DNS query contents visible unless a separate encrypted transport is used.

## Core Explanation

DNS avoids a single central hosts file by distributing responsibility across a hierarchical namespace. A resolver asks name servers for records such as address, name server, mail exchange, or text records, and caches answers according to the record data it receives.

The core architecture has three parts: the domain name space and its resource records, name servers that hold information about zones, and resolvers that query name servers on behalf of applications.

## Further Reading

- [RFC 1034: Domain Names - Concepts and Facilities](https://www.ietf.org/rfc/rfc1034.txt)
- [RFC 1035: Domain Names - Implementation and Specification](https://www.ietf.org/rfc/rfc1035.txt)
- [RFC 4033: DNS Security Introduction and Requirements](https://www.ietf.org/rfc/rfc4033.txt)

## Related Articles

- [DNS: The Domain Name System Architecture and Security](../dns-the-domain-name-system-architecture-and-security.md)
- [HTTPS / TLS (Transport Layer Security)](../https-tls.md)
- [TCP/IP Protocol Suite](../tcp-ip.md)