|
|
|
|
Technology › DNSSEC |
|
|
|
|
|
DNSSEC |
|
|
|
|
|
Due to known DNS vulnerabilities , RegistryASP uses DNSSEC that minimizing user dependency and creates a more secured environment against data spoofing and corruption and DNS poisons.
|
|
DNSSEC was designed to protect Internet resolvers (clients) from forged DNS data, such as that created by DNS cache poisoning. All answers in DNSSEC are digitally signed. By checking the digital signature, a DNS resolver is able to check if the information is identical (correct and complete) to the information on the authoritative DNS server. While protecting IP addresses are the immediate concern for many users, DNSSEC can protect other information such as general-purpose cryptographic certificates stored in DNS. RFC 4398 describes how to distribute certificates via DNS, including those for email, making it possible to use DNSSEC as a world-wide public key infrastructure for email.
Read More |
|
|
|
|
|
|