Deploy360 7 November 2014

CloudFlare Writes About DNSSEC Complexities And Considerations

By Dan YorkDirector, Internet Technology

CloudFlare logoThe folks over at CloudFlare published another great article earlier this week, “DNSSEC: Complexities and Considerations” that dives into more detail about some of the challenges of implementing DNSSEC.  Specifically, author Nick Sullivan explores the:

  • Exposure of DNS zone content through zone-walking
  • DNSSEC key management
  • DNS reflection/amplification attacks

He dives into the topics in great detail and explains what CloudFlare is planning to do to address each of these issues.  I strongly encourage you to check it out!

And then if you want to start implementing DNSSEC or DANE within your own environment, please visit our Start Here page to get started!

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...