Internet Technologies > Domain Name System Security Extensions (DNSSEC)
Domain Name System Security Extensions (DNSSEC)
Few technologies are more critical to the Internet than the Domain Name System (DNS), which translates domain names into IP addresses. DNS Security Extensions — DNSSEC — helps to ensure that you are communicating with the correct website or service.
DNS Security (DNSSEC) is designed to authenticate DNS response data. It verifies responses to ensure a DNS server’s response is what the zone administrator intended. It does not address all threats (nothing does), but it provides a building block for providing additional data security, and not just within the DNS but also within the applications and services that are built on it.
DNSSEC acts like tamper-proof packaging for domain name data, giving users more confidence in their online activities. DNSSEC provides a level of additional security where your web browser can check to make sure the DNS information is correct and was not modified. DNSSEC also provides us with a platform for future innovations to enhance user confidence in Internet-based services.
Browse the links below to find the information you need to deploy DNSSEC today. You may want to begin with our Deploy360 “Where Do I Start?” page.
Basics
- DNSSEC Basics page
- Internet Society DNSSEC Fact Sheet
- State of DNSSEC Deployment (2016)
- Animated Introduction to DNSSEC
- DNSSEC Deployment Maps
Case Studies
White Papers
- Case Study: The Experience of Signing Go6.SI with DNSSEC
- Excellent whitepaper/tutorial from SURFnet on deploying DNSSEC-validating DNS servers