Home / Industry

If I Have an SSL, Do I Need DNSSEC?

.ORG, The Public Interest Registry is pleased to announce the next guest blogger for our DNSSEC FUD Buster series. Howard Eland is a specialist in the IT industry with over 20 years experience in network and systems administration as well as a number of programming languages. Howard has been with Afilias Limited since its inception in 2001 and currently acts as the Senior Director, Resolution Services.

Many folks believe their online presence is safe simply because their site has an SSL certificate. The truth is that, while SSL does provide protection and encryption of data for a website, attackers can use tactics that affect the end user before they get to your website. SSL and other Internet security technologies do not solve the problem of traffic hijacking and forgery. It does not matter if you use SSL, VPN or any other technology — as long as you use the DNS without security you are vulnerable. DNSSEC is a specific answer to a very specific problem and it does a great job solving it. Of course, DNSSEC was never meant to solve the problem that SSL does, which is encrypting communications once you reach the destination site.

  • Without DNSSEC and with SSL — you can be SECURELY hijacked to the wrong location.
  • Without DNSSEC, you won't even know when you get hijacked.
  • Without DNSSEC, your ISP's cache can get poisoned and every person that uses that ISP's name server will be affected.

If there was a simpler answer than DNSSEC to ensure you are resolving to the hostname you intended to, I am sure the community would be embracing that. The reality is DNSSEC is a solution worked on for almost 10 years and is our best available option.

About PIR

PIR

Public Interest Registry is a nonprofit corporation that operates the .org top-level domain – the world's third largest "generic" top-level domain with more than 10 million domain names registered worldwide. As an advocate for collaboration, safety and security on the Internet, Public Interest Registry's mission is to empower the global noncommercial community to use the Internet more effectively, and to take a leadership position among Internet stakeholders on policy and other issues relating to the domain naming system. (Learn More)

Related topics: Cybercrime, DNS, DNS Security, Registry Services, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

PIR Releases Report Detailing Steady Growth of .org Domain in 2014

Afilias Supports the CrypTech Project - Ambitious Hardware Encryption Effort to Protect User Privacy

.film to Provide New Home Online for the Film Industry

.VOTE Solves Presidential Candidate Ted Cruz's Domain Name Problem

.green Now in General Availability

ICANN's Registry Audits Begin Next Week. Are You Prepared?

Sunrise Period Begins for .NGO and .ONG

.study & .courses to Launch with Support of ARI Registry Services

We Know This .Sucks

ARI Registry Services Expands Middle East & Africa Operations

Radix Assumes Full Ownership of .online

IBCA Presentation to ICANN GAC on Protection of Geographic Names in New gTLDs

Public Sector Experiences Largest Increase in DDoS Attacks (Verisign's Q4 2014 DDoS Trends)

NSW Government Launches .sydney Domain

New .VOTE and .VOTO Domains Now Available

Help Ensure the Availability and Security of Your Enterprise DNS with Verisign Recursive DNS

Verisign iDefense 2015 Cyber-Threats and Trends

.LGBT Public Launch Begins Today

.POKER Domain Sunrise Period Begins

What's in Your Attack Surface?

Sponsored Topics

Afilias

DNS Security

Sponsored by
Afilias
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
Verisign

Security

Sponsored by
Verisign
dotMobi

Mobile

Sponsored by
dotMobi