Domain Name System Security Extensions (DNSSEC)
Domain Name System Security Extensions (DNSSEC) is a suite of protocol extensions developed by the Internet Engineering Task Force (IETF) to secure DNS data using public key cryptography, providing authentication, data integrity, and authenticated denial of existence without confidentiality or…
Key facts
- First appeared
- 1997
- Category
- technology
- Problem solved
- DNSSEC addresses critical vulnerabilities in the original DNS protocol, such as lack of authentication leading to cache poisoning, spoofing, and man-in-the-middle attacks, by cryptographically signing DNS data to ensure origin authentication, integrity, and proof of non-existence that predecessors like plain DNS could not provide.[1][2][3]
- Platforms
- All DNS implementations (Unix/Linux, Windows, embedded systems)
Related technologies
Notable users
- VeriSign
- Cloudflare
- SIDN (.nl registry)
- ICANN
- Google Public DNS