Definition Edit

The Domain Name System Security Extensions (DNSSEC) are a suite of IETF specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks.

Overview Edit

It is a set of extensions to DNS which provide to DNS clients (resolvers):

It is widely believed that securing the DNS is critically important for securing the Internet as a whole, but deployment of DNSSEC specifically has been hampered by the difficulty of:

  1. Devising a backward-compatible standard that can scale to the size of the Internet
  2. Preventing "zone enumeration" where desired
  3. Deploying DNSSEC implementations across a wide variety of DNS servers and DNS clients (resolvers)
  4. Disagreement among key players over who should own the TLD (e.g., .com, .net) root keys
  5. Overcoming the perceived complexity of DNSSEC and DNSSEC deployment

Some of these problems are in the process of being resolved, and deployments in various domains have begun to take place.

External reading Edit

  • EDUCAUSE, "7 Things You Should Know About . . . DNSSEC" (Jan. 2010) (full-text).

This page uses Creative Commons Licensed content from Wikipedia (view authors). Smallwikipedialogo.png

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.