Home / Industry

If I Have an SSL, Do I Need DNSSEC?

.ORG, The Public Interest Registry is pleased to announce the next guest blogger for our DNSSEC FUD Buster series. Howard Eland is a specialist in the IT industry with over 20 years experience in network and systems administration as well as a number of programming languages. Howard has been with Afilias Limited since its inception in 2001 and currently acts as the Senior Director, Resolution Services.

Many folks believe their online presence is safe simply because their site has an SSL certificate. The truth is that, while SSL does provide protection and encryption of data for a website, attackers can use tactics that affect the end user before they get to your website. SSL and other Internet security technologies do not solve the problem of traffic hijacking and forgery. It does not matter if you use SSL, VPN or any other technology — as long as you use the DNS without security you are vulnerable. DNSSEC is a specific answer to a very specific problem and it does a great job solving it. Of course, DNSSEC was never meant to solve the problem that SSL does, which is encrypting communications once you reach the destination site.

  • Without DNSSEC and with SSL — you can be SECURELY hijacked to the wrong location.
  • Without DNSSEC, you won't even know when you get hijacked.
  • Without DNSSEC, your ISP's cache can get poisoned and every person that uses that ISP's name server will be affected.

If there was a simpler answer than DNSSEC to ensure you are resolving to the hostname you intended to, I am sure the community would be embracing that. The reality is DNSSEC is a solution worked on for almost 10 years and is our best available option.

About PIR

PIR

Public Interest Registry is a nonprofit corporation that operates the .org top-level domain – the world's third largest "generic" top-level domain with more than 10 million domain names registered worldwide. As an advocate for collaboration, safety and security on the Internet, Public Interest Registry's mission is to empower the global noncommercial community to use the Internet more effectively, and to take a leadership position among Internet stakeholders on policy and other issues relating to the domain naming system. Learn More

Related topics: Cybercrime, DNS, DNS Security, Registry Services, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

.Online Receives 550+ Sunrise Requests, a Fortnight Still to Go

Announcing Verisign IntelGraph: Unprecedented Context for Cybersecurity Intelligence

The Deep Web and the Darknet - The Nether Regions of the Internet

40+ Pioneers Signed on for .TECH, as it Enters EAP Today


WeddingWire Joins Minds + Machines As New TLD '.Wedding' Pioneer

Minds + Machines and ALM Media Announce Strategic Partnership on .law

Independent Review Panel Favored DotConnectAfrica Trust Against ICANN Ruling Over .Africa Domain

Carlsberg Group Joins Minds + Machines Pioneer Program

Introducing the Verisign DNS Firewall

In Celebration of Marriage Equality Each New .LGBT Name Donates $20 to the It Gets Better Project

Afilias Adds .PROMO to Its Expanding List of Top Level Domains

LogicBoxes Helps .MN Registry Grow by 350%

TLD Security, Spec 11 and Business Implications

Verisign Named to the Online Trust Alliance's 2015 Honor Roll

LogicBoxes Powers .NGO & .ONG Retail and Wholesale Channels for ENSET

3 Key Steps for SMBs to Protect Their Website and Critical Internet Services

Key Considerations for Selecting a Managed DNS Provider

Verisign Mitigates More DDoS Attacks in Q1 2015 than Any Quarter in 2014

Alabama Joins dotVOTE Movement - Announces Alabama.vote for Its Election Site

LogicBoxes Partners With Domains.Green to Setup Retail & Wholesale Channels for .green Domains

Sponsored Topics