KEY : Key record (RFC 4034)
Used only for TKEY (RFC 2930). Before RFC 3755 was published, this was also used for DNSSEC, but DNSSEC now uses DNSKEY.

DS : Delegation signer (RFC 4034)
The record used to identify the DNSSEC signing key of a delegated zone

NAPTR : Naming Authority Pointer (RFC 3403)
Allows regular expression based rewriting of domain names which can then be used as URIs, further domain names to lookups, etc.

PTR : pointer record (RFC 1035)
Pointer to a canonical name. Unlike a CNAME, DNS processing does NOT proceed, just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD.

NSEC : Next-Secure record (RFC 4034)
Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record.

A : address record (RFC 1035)
Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but also used for DNSBLs, storing subnet masks in RFC 1101, etc.

SOA : start of authority record (RFC 1035)
Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.

SPF : SPF record (RFC 4408)
Specified as part of the SPF protocol, as an alternative to storing SPF data in TXT records. Uses the same format as the TXT record.

CERT : Certificate record (RFC 4398)
Stores PKIX, SPKI, PGP, etc.

HIP : Host Identity Protocol (RFC 5205)
Method of separating the end-point identifier and locator roles of IP addresses.

OPT : Option (RFC 2671)
This is a 'pseudo DNS record type' needed to support EDNS

SRV : Service locator (RFC 2782)
Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX.

AAAA : IPv6 address record (RFC 3596)
Returns a 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host.

IXFR : Incremental Zone Transfer (RFC 1995)
Requests a zone transfer of the given zone but only differences from a previous serial number. This request may be ignored and a full (AXFR) sent in response if the authoritative server is unable to fulfill the request due to configuration or lack of required deltas.

TSIG : Transaction Signature (RFC 2845)
Record that supports one set of security mechanisms for DNS. Used to secure communication between DNS resolvers and Name servers, in contrast to DNSSEC, which secures the actual DNS records from the authoritative name server.

NSEC3 : NSEC record version 3 (RFC 5155)
An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking

SSHFP : SSH Public Key Fingerprint (RFC 4255)
Resource record for publishing SSH public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host.

TXT : Text record (RFC 1035)
Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data, such as specified by RFC 1464, opportunistic encryption, Sender Policy Framework, DomainKeys, DNS-SD, etc.