Implementing DNSSEC

Cisco’s The Internet Protocol Journal has published an article titled Implementing DNSSEC explaining the challenges that are involved with DNSSEC and what experience the early adopters have gathered and documented

Cisco’s The Internet Protocol Journal has published an article titled Implementing DNSSEC explaining the challenges that are involved with DNSSEC and what experience the early adopters have gathered and documented.

The article by Stephan Lagerholm and Torbjörn Eklöv, both DNS architects with significant DNSSEC experience, looks at “cache poisoning” techniques that were discovered a few years ago. The article says “you have most likely heard that Domain Name System Security Extensions (DNSSEC) is the long-term cure. But you might not know exactly what challenges are involved with DNSSEC and what experience the early adopters have gathered and documented. Perhaps you waited with your own rollout until you could gather more documentation about operational experiences when rolling out DNSSEC.”

This article summarises Lagerholm and Eklöv’s experiences, including lessons learned from implementing the technology in production environments, and discusses associated operational concerns.

To read this article, Implementing DNSSEC, in full by Stephan Lagerholm and Torbjörn Eklöv in Volume 13, Number 2, of Cisco’s The Internet Protocol Journal, see:
www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_13-2/132_dnssec.html