24 November, 2010

The Implementation Challenges for DNSSEC

Rod Rasmussen
An article by Rod Rasmussen on securityweek.com:


Trouble Ahead - The Implementation Challenges for DNSSEC

There has been a lot of recent buzz surrounding implementation of Domain Name System Security extensions (i.e., DNSSEC). The latest example: verification and signing of DNSSEC for the .IN (India) and .ASIA top-level domains (TLDs), which are being pitched as major enhancements to global security for much of Asia.

Yet massive industry-wide confusion, continued lack of awareness for DNSSEC outside the DNS industry, a plethora of DNSSEC verification techniques and standards, and arguments over which to use, tell a different story. This also leads to some key takeaways for anyone looking at implementation today. We will take a closer look at the history and reasons for the existence of DNSSEC and some of the key implementation roadblocks in this first of a three-part series on DNSSEC deployment.

For the rest of the article (it's really good), click here.

No comments:

Post a Comment