‹ Back
Domain Name System Security Extensions (DNSSEC) 23 October 2012

Deploying DNSSEC: Validation on recursive caching name servers

SURFnet whitepaper on deploying DNSSECWhy should you deploy DNSSEC-validating DNS resolvers on your network?  What kind of planning should you do to prepare? What steps do you need to do?

The team at SURFnet has published a whitepaper titled “Deploying DNSSEC: Validation on recursive caching name servers” (PDF) that answers these specific questions and much more.  The document covers:

  • Cost and benefits of deploying DNSSEC
  • DNS architecture
  • Requirements before deployment
  • Planning your deployment
  • Operational requirements and practices

The document then gets into specific step-by-step instructions for three of the most common DNS resolvers:

  • BIND 9.x
  • Unbound
  • Microsoft Windows Server 2012

For people looking to deploy DNSSEC-validation within their network, this guide provides an excellent way to get started.

‹ Back
Join the conversation with Internet Society members around the world