Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Avenue4 LLCRead Message Promoted Post

Home / Industry

If I Have an SSL, Do I Need DNSSEC?

.ORG, The Public Interest Registry is pleased to announce the next guest blogger for our DNSSEC FUD Buster series. Howard Eland is a specialist in the IT industry with over 20 years experience in network and systems administration as well as a number of programming languages. Howard has been with Afilias Limited since its inception in 2001 and currently acts as the Senior Director, Resolution Services.

Many folks believe their online presence is safe simply because their site has an SSL certificate. The truth is that, while SSL does provide protection and encryption of data for a website, attackers can use tactics that affect the end user before they get to your website. SSL and other Internet security technologies do not solve the problem of traffic hijacking and forgery. It does not matter if you use SSL, VPN or any other technology — as long as you use the DNS without security you are vulnerable. DNSSEC is a specific answer to a very specific problem and it does a great job solving it. Of course, DNSSEC was never meant to solve the problem that SSL does, which is encrypting communications once you reach the destination site.

  • Without DNSSEC and with SSL — you can be SECURELY hijacked to the wrong location.
  • Without DNSSEC, you won't even know when you get hijacked.
  • Without DNSSEC, your ISP's cache can get poisoned and every person that uses that ISP's name server will be affected.

If there was a simpler answer than DNSSEC to ensure you are resolving to the hostname you intended to, I am sure the community would be embracing that. The reality is DNSSEC is a solution worked on for almost 10 years and is our best available option.

PIR

About PIR – Public Interest Registry is a nonprofit corporation that operates the .org top-level domain – the world's third largest "generic" top-level domain with more than 10 million domain names registered worldwide. As an advocate for collaboration, safety and security on the Internet, Public Interest Registry's mission is to empower the global noncommercial community to use the Internet more effectively, and to take a leadership position among Internet stakeholders on policy and other issues relating to the domain naming system. Visit Page

SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

DNS Security

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

Mobile Internet

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC

Promoted Post

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.