Home / Industry

If I Have an SSL, Do I Need DNSSEC?

.ORG, The Public Interest Registry is pleased to announce the next guest blogger for our DNSSEC FUD Buster series. Howard Eland is a specialist in the IT industry with over 20 years experience in network and systems administration as well as a number of programming languages. Howard has been with Afilias Limited since its inception in 2001 and currently acts as the Senior Director, Resolution Services.

Many folks believe their online presence is safe simply because their site has an SSL certificate. The truth is that, while SSL does provide protection and encryption of data for a website, attackers can use tactics that affect the end user before they get to your website. SSL and other Internet security technologies do not solve the problem of traffic hijacking and forgery. It does not matter if you use SSL, VPN or any other technology — as long as you use the DNS without security you are vulnerable. DNSSEC is a specific answer to a very specific problem and it does a great job solving it. Of course, DNSSEC was never meant to solve the problem that SSL does, which is encrypting communications once you reach the destination site.

  • Without DNSSEC and with SSL — you can be SECURELY hijacked to the wrong location.
  • Without DNSSEC, you won't even know when you get hijacked.
  • Without DNSSEC, your ISP's cache can get poisoned and every person that uses that ISP's name server will be affected.

If there was a simpler answer than DNSSEC to ensure you are resolving to the hostname you intended to, I am sure the community would be embracing that. The reality is DNSSEC is a solution worked on for almost 10 years and is our best available option.

About PIR


Public Interest Registry is a nonprofit corporation that operates the .org top-level domain – the world's third largest "generic" top-level domain with more than 10 million domain names registered worldwide. As an advocate for collaboration, safety and security on the Internet, Public Interest Registry's mission is to empower the global noncommercial community to use the Internet more effectively, and to take a leadership position among Internet stakeholders on policy and other issues relating to the domain naming system. Learn More

Related topics: Cybercrime, DNS, DNS Security, Registry Services, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News


Industry Updates – Sponsored Posts

We're Moving Forward. You Coming?

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Faster DDoS Mitigation - Introducing Verisign OpenHybrid Customer Activated Mitigation

City of Miami 3rd in U.S. to Launch Dedicated TLD

Internet Grows to 296 Million Domain Names in Q2 2015

.Online Becomes the Fastest TLD to Sell 50,000 Domains

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

.ONLINE GA Launches with 28,000 Registrations in the First 30 Minutes

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

.ONLINE Sees the Biggest Generic Sunrise Ever

Influential Law Firms Have Become Early Adopters of '.law' TLD

.Online Receives 550+ Sunrise Requests, a Fortnight Still to Go

Announcing Verisign IntelGraph: Unprecedented Context for Cybersecurity Intelligence

The Deep Web and the Darknet - The Nether Regions of the Internet

40+ Pioneers Signed on for .TECH, as it Enters EAP Today‚Ä®

WeddingWire Joins Minds + Machines As New TLD '.Wedding' Pioneer

Minds + Machines and ALM Media Announce Strategic Partnership on .law

Independent Review Panel Favored DotConnectAfrica Trust Against ICANN Ruling Over .Africa Domain

Carlsberg Group Joins Minds + Machines Pioneer Program

Introducing the Verisign DNS Firewall

Sponsored Topics