Live test deployment of a DNSSEC enabled DNS resolver.
Posted: Fri Mar 16, 2012 5:03 pm
We are currently running a DNSSEC enabled DNS resolver on one of our customer facing production name servers.
This means if a zone fails to validate via DNSSEC, then the server will return an error rather than passing you on to a potentially compromised host.
If all goes well, we will deploy this software on the remaining servers.
For more information on DNSSEC see the following:
http://www.icann.org/en/about/learning/ ... t08-en.htm
http://en.wikipedia.org/wiki/Domain_Nam ... s#Overview
This means if a zone fails to validate via DNSSEC, then the server will return an error rather than passing you on to a potentially compromised host.
If all goes well, we will deploy this software on the remaining servers.
For more information on DNSSEC see the following:
http://www.icann.org/en/about/learning/ ... t08-en.htm
http://en.wikipedia.org/wiki/Domain_Nam ... s#Overview