A file on an authoritative name server that defines the contents of a zone in the Domain Name System. Resource records (RRs) in a zone file identify the Internet Protocol (IP) addresses of the hosts (e.g., web servers, mail servers) and name servers within the name server’s zone. A zone file can also contain other types of RRs (such as ones containing digital signatures) as determined by the zone owner. The RRs in a zone file enable an authoritative name server to respond definitively to DNS queries about the contents of a zone.
zone signing key(ZSK)
In the root zone, the cryptographic public and private key pair that the Root Zone ZSK Operator uses to digitally sign the content of the root zone. To reduce the risk of an attacker compromising the ZSK, a new ZSK is generated every three months.