DNSSEC

If DNS is the phone book of the Internet, DNSSEC is the Internet’s unspoofable caller ID. It guarantees a web application’s traffic is safely routed to the correct servers so that a site’s visitors are not intercepted by a hidden “man-in-the-middle” attacker. These attacks usually go unnoticed by sites’ visitors, increasing the risk of phishing, malware infections, and personal data leakage.

DNSSEC however is very complicated, and this has been a hurdle for its adoption.

Because trust in DNSSEC is top-down (The root zone verifies the .com zone, and the .com zone verifies the zone, and so forth), enabling DNSSEC requires a website owner to update the DS record with your registrar.

Conclusion

In order to enable DNSSEC for your domain you require 2 things.
  1. A Registrar that supports DNSSEC
  2. An Authoritive DNS Service (or Server) that supports DNSSEC

By Clicking on This Link, you will notice that ClusteredNetworks.com has DNSSEC enabled and it is properly configured.

Verisign Labs is a great tool for checking if you have DNSSEC configured properly.



DNSSEC Consulting

Clustered Networks

Why Clustered Networks

Located in Edmonton, AB Canada, Clustered Networks was Incorporated in 2001 and has offered Network / Internet and IT Consulting services for over 15 years. We offer personalized service!