Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: DNSSEC for - SANS Internet Storm Center SANS ISC InfoSec Forums

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Too many times over the last few weeks, you heard that the real answer to all the DNS problems is DNSSEC. I decided to give it a try, and signed the zone. DNSSEC is not exactly used very widely, and it is very possible that we will be running into some problems. If you experience any issues, please let us know (via ;-) ). For most users, this will not change anything. It only matters if your resolver or your web browser actually verifies DNSSEC signature. Expect a few changes to our zone while I experiment.

"Experimenting" with a production setup isnt exactly ideal. But there is always On the other hand, many of the aspects of DNSSEC just can't easily be simulated in a lab.

Johannes B. Ullrich, Ph.D.
SANS Technology Institute

I will be teaching next: Defending Web Applications Security Essentials - SANS San Francisco Winter 2019


3655 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!