Introduction to DNSSEC
What are the benefits of DNSSEC?
It is worthwhile to note that the DNS protocol has been designed so as it provides a quick and easy way for the Internet user to be granted a connection with a desired resource. When the concept has been designed, no one could predict such rapid popularization of Internet, multitude of services provided through DNS and threats related therewith. Information sent this way are not confidential or secured against forgery or modification. Potentially, data may be falsified or changed in many areas of the web. When loaded to a DNS servers cache, those data remain available for other users.
DNS is currently a mechanism most often used by other Internet protocols/services (for ex: www, http). Until now the main concern was the security of services, e.g.: securing access to bank services, ciphering electronic mail while omitting to secure internet domain names, which are fundamental for those services. This, in turn, exposes the users to unconsciously reveal important data (identity, passwords) on false (“phished”) Internet websites created on authentic domain names and lose control of, e.g.: bank accounts, electronic mail or a profile on a community portal. With the weak points of the DNS protocol being identified, it was upgraded with a mechanism allowing to verify the authenticity of received responses, i.e. DNSSEC.