Domain Name System Security Extensions (DNSSEC) 30 December 2011

NIST Secure Domain Name System (DNS) Deployment Guide

The United States National Institute of Standards and Technology (NIST) created an excellent “Special Publication” related to DNSSEC:

Secure Domain Name System (DNS) Deployment Guide

Like many of NIST’s Special Publications, the detailed guide, last updated in September 2013, starts out with a tutorial about the basics of the technology, in this case DNS.  It then explains the security threats to DNS at great length before then providing solid guidelines for securing your DNS systems and information.

The document covers DNSSEC but also looks at what you need to do to secure the information on your actual DNS server from other attacks.   It also provides specific configuration information for two of the more popular DNS servers in use.

While NIST’s focus is on providing information and guidelines to U.S. government agencies, the document is extremely useful to companies, organizations and others around the world.

NOTE: A new version 2 of this document was released by NIST in September 2013 that included updated sections on DNSSEC and DNS server configuration. The links on this page were updated to link to this new version 2.

Related articles

Deploy360 3 April 2017

Introduction to PKIs & CAs

In order to be trusted, the Internet must provide channels for secure and private communication between entities, which can...

Domain Name System (DNS) 31 December 2016

State of DNSSEC Deployment 2016

This report provides a snapshot of the state of deployment of DNSSEC as of the end of 2016. Please download...

Deploy360 7 October 2014

DNSSEC Fact Sheet

Looking for a quick way to explain DNSSEC to people?  Would you like a DNSSEC handout you could print...