Domænesignatur (DNSSEC)

You could say that DNSSEC is the internet traffic police, ensuring that all data traffic is authorised and encrypted. It helps avoid security issues, such as being redirected to a fake website. DNSSEC provides protection from hacker attacks; for instance, when perpetrators take over a website and trick sensitive information or money out of its users.

Why?

Below you will find some links to descriptions of some known incidents that DNSSEC probably could have prevented.

Below follows a quotation from the last mentioned research publication:

Mail security, like that of many other protocols, is intrinsically tangled with the security of DNS resolution. Rather than target the SMTP protocol, an active network attacker can spoof the DNS records of a destination mail server to redirect SMTP connections to a server under the attacker’s control. [...] We find evidence that 178,439 out of 8,860,639(2.01%) publicly accessible DNS servers provided invalid IPs or MX records for one or more of these domains.

Adoption statistics

Further information

Specifications