Increasing DNSSEC adoption

Disponible en anglais seulement

DNSSEC is a security protocol that helps authenticate DNS response data to prevent others from intercepting your DNS queries.

Disponible en anglais seulement

A proposed method for DNSSEC provisioning showing how the Registrant and the Registrar manage the process to secure the domain.

DNSSEC is a security protocol that helps authenticate DNS response data to verify that the server response is what the administrator intended. It is a key security building block that not only secures the DNS but helps to protect the applications which rely on the DNS. It does this by helping to prevent others from intercepting your DNS queries and directing them to a malicious site (i.e. man-in-the-middle attacks). 

Despite these benefits, DNSSEC has had low adoption rates. CIRA has long been an advocate for DNSSEC and looks to a day when there is universal adoption so the Internet is a better, and more secure, place. To help improve adoption we are looking at ways we can change the triple-R model (Registy, Registrar, Registrant) and to make the process of signing a domain easier. 

CIRA's CTO, Jacques Latour recently published an article, Increasing DNSSEC Adoption - What if We Put DNSSEC Provision in the Hands of Registries? in CircleID that goes into some depth on the topic for those interested in learning more.

 

 

Blog navigation