As the name indicate (DNSSEC or DNS security extensions) are set of extensions which are added to the DNS protocol to add a layer of security to DNS name lookup or data exchange process.

The original design of DNS didn't include any security details and DNS extensions were developed to overcome the security gap. Its purpose is to protect clients from forged DNS data by verifying digital signatures embedded in the data. If a digital signature in the data matches with the signatures that are stored in the master DNS server, then client assumes that the data received is correct.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*