Home / Industry

If I Have an SSL, Do I Need DNSSEC?

.ORG, The Public Interest Registry is pleased to announce the next guest blogger for our DNSSEC FUD Buster series. Howard Eland is a specialist in the IT industry with over 20 years experience in network and systems administration as well as a number of programming languages. Howard has been with Afilias Limited since its inception in 2001 and currently acts as the Senior Director, Resolution Services.

Many folks believe their online presence is safe simply because their site has an SSL certificate. The truth is that, while SSL does provide protection and encryption of data for a website, attackers can use tactics that affect the end user before they get to your website. SSL and other Internet security technologies do not solve the problem of traffic hijacking and forgery. It does not matter if you use SSL, VPN or any other technology — as long as you use the DNS without security you are vulnerable. DNSSEC is a specific answer to a very specific problem and it does a great job solving it. Of course, DNSSEC was never meant to solve the problem that SSL does, which is encrypting communications once you reach the destination site.

  • Without DNSSEC and with SSL — you can be SECURELY hijacked to the wrong location.
  • Without DNSSEC, you won't even know when you get hijacked.
  • Without DNSSEC, your ISP's cache can get poisoned and every person that uses that ISP's name server will be affected.

If there was a simpler answer than DNSSEC to ensure you are resolving to the hostname you intended to, I am sure the community would be embracing that. The reality is DNSSEC is a solution worked on for almost 10 years and is our best available option.

About PIR

PIR

Trusted across all ages, backgrounds and nationalities, .ORG is where people turn to find credible information, get involved, fund causes and support advocacy. .ORG, The Public Interest Registry empowers the global noncommercial community to use the Internet more effectively and, concurrently, takes a leadership position among Internet stakeholders on policy and related issues on behalf of the .ORG Community. (Learn More)

Related topics: Cybercrime, DNS, DNS Security, Registry Services, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

General Availability Period for New .RED Top-Level Domain Opens

General Availability Period for New .BLUE Top-Level Domain Opens

General Availability Period for New .PINK Top-Level Domain Opens

New Chinese "Mobile" Top-Level Domain Now Available

New .KIM Domain Goes Live

Welcome .SHIKSHA! General Availability Now Open

Adrian Kinderis Appointed as Chair of Domain Name Association

Internet Reaches 271 Million Domain Names in the Fourth Quarter of 2013

Why We Decided to Stop Offering Free Accounts

The Future of Chinese Domain Names (a Panel Discussion)

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

Tony Kirsch Announced As Head of Global Consulting of ARI Registry Services

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

Afilias Chairman Appointed to Domain Name Association Board

.BUILD Enters Landrush with Support of ARI Registry Services

Dyn Acquires Managed DNS Provider Nettica

Radix Awards Contracts for .website, .host, .space, and .press to CentralNic plc

Afilias Welcomes "Dot Chinese Online" and "Dot Chinese Website" Top-Level Domains to the Internet

What Does a DDoS Attack Look Like? (Watch First 3 Minutes of an Actual Attack)

Joining Forces to Advance Protection Against Growing Diversity of DDoS Attacks

Sponsored Topics