EnterpriseNetworkingPlanet: DNSSEC: What Is It Good For?
Apr 12, 2005, 07:00 (0 Talkback[s])
(Other stories by Charlie Schluting)
[ Thanks to mph
for this link. ]
"DNSSEC, which stands for DNS Security Extensions, is a method
by which DNS servers can verify that DNS data is coming from the
correct place, and that the response is unadulterated. In this
article we will discuss what DNSSEC can and cannot do, and then
show a simple ISC Bind 9.3.x configuration example.
"DNSSEC is a public/private key system. This means that the
owner of a DNS zone has a private key and a public key. Using the
private key to digitally sign a zone will allow anyone with the
zone's public key to verify that the data is authentic..."