Post by account_disabled on Feb 12, 2024 14:11:43 GMT 8
DNSSEC (DNS Security Extensions) is a security technology that extends the DNS domain name system. This technology provides an authentication mechanism between servers and for each data zone to ensure data integrity. DNSSEC will help users access the correct domain name, avoiding the risk of DNS spoofing. When a user accesses any domain name using a browser, the resolver will verify the digital signature. Only if the digital signature in the data matches the digital signature stored in the primary DNS server will the request be fulfilled. DNSSEC does not include encryption algorithms so it does not provide data security, it only supports DNS data validation.
How DNSSEC works How DNSSEC works 2. History of DNSSEC development The plan to research and develop a security system began in the 1990s, when a DNS security vulnerability was discovered. In 1995, DNSSEC was introduced as a solution to secure Costa Rica Telemarketing Data DNS server systems. By 2005, DNSSEC was officially announced by IEFT as an RFC standard. In 2010, this technology began to be deployed at the root domain level for addresses using top-level domains with the .org extension. Next, DNSSEC is updated for .net, .com and .edu domain names by country. By November 2011, more than 25% of top-level domains had DNSSEC applied.
How DNSSEC works DNSSEC is updated for each top-level domain 3. Difference between DNSSEC and DNS Compared to DNS, DNSSEC has the following differences: Add DNSKEY records to a zone. Add RRSIG records to a zone. Add NSEC records to a zone. Add DS records to a zone. There was a change to the CNAME record. 4. List of 4 new DNSSEC records DNS extension security technology – DNSSEC has launched 4 new records, including: DNSKEY – DNS Public Key: used to authenticate signatures in RRSIG records. RRSIG – Resource Record Signature: helps store important information used to authenticate accompanying data.
How DNSSEC works How DNSSEC works 2. History of DNSSEC development The plan to research and develop a security system began in the 1990s, when a DNS security vulnerability was discovered. In 1995, DNSSEC was introduced as a solution to secure Costa Rica Telemarketing Data DNS server systems. By 2005, DNSSEC was officially announced by IEFT as an RFC standard. In 2010, this technology began to be deployed at the root domain level for addresses using top-level domains with the .org extension. Next, DNSSEC is updated for .net, .com and .edu domain names by country. By November 2011, more than 25% of top-level domains had DNSSEC applied.
How DNSSEC works DNSSEC is updated for each top-level domain 3. Difference between DNSSEC and DNS Compared to DNS, DNSSEC has the following differences: Add DNSKEY records to a zone. Add RRSIG records to a zone. Add NSEC records to a zone. Add DS records to a zone. There was a change to the CNAME record. 4. List of 4 new DNSSEC records DNS extension security technology – DNSSEC has launched 4 new records, including: DNSKEY – DNS Public Key: used to authenticate signatures in RRSIG records. RRSIG – Resource Record Signature: helps store important information used to authenticate accompanying data.