Deploy360 15 February 2012

Valuable Info In EU's “Good Practices Guide” for DNSSEC Deployment

By Dan YorkDirector, Internet Technology

Looking for a good concise guide to the security issues and procedures related to deploying DNSSEC?  Back in March 2010, the European Network and Information Security Agency (ENISA) issued their “Good Practices Guide For Deploying DNSSEC” with the abstract:

Deploying DNSSEC requires a number of security details and procedures to be defined and followed with specific requirements as to timing. This guide addresses these issues from the point of view of information security managers responsible for defining a policy and procedures to secure the DNS services of a company or an organisation, and from the point of view of competent authorities defining or regulating requirements for deployment.

Coming in at only 29 pages, the document provides a good overview of the issues you need to be thinking about and the steps you need to go through when deploying DNSSEC. While the guide was created prior to the signing of the root zone in July 2010, it still is very accurate in outlining what needs to be done.

Well worth a look if you are looking for whitepapers and similar documents around DNSSEC deployment.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...