DNS is a distributed database that is capable of storing different types of data, not only IP addresses, in which the domain owner can publish various domain specific data. Yet, plain DNS does not offer any type of security measures. This means that DNS data in the response can be spoofed by anybody at any time.
This is where DNSSEC comes in. DNSSEC stands for DNS SECurity Extensions and brings the data authentication and data integrity check into the DNS world. The whole solution is based on asymmetric cryptography.
Continue reading “Writing an application that supports DNSSEC in RHEL and Fedora”