A new “Good Practices Guide for deploying DNSSEC” for information security managers and National Agencies has been published by the Agency.
Published on March 02, 2010
The ENISA “Good Practices Guide for deploying DNSSEC” (Domain Name System Security Extensions) has been published. DNSSEC is a security extension which provides the possibility to origin authentication of DNS data, data integrity, and authenticated denial of existence. The guide lists the considerations that have to be made and provides recommendations for the security details and procedures to be defined. These procedures should be followed with specific timing requirements in order to deploy DNSSEC:
• by domain holders, signing their domain zones;
• in validating recursive resolvers.
These considerations have to be addressed when specifications are compiled:
• to deploy DNSSEC using internal resources;
• for buying a DNSSEC enabled commercial-of-the-shelf (COTS) DNS product;
• to outsource all or part of the DNS service and sign a service level agreement (SLA).
The guide addresses DNSSEC deployment from the point of view of information security managers responsible for defining a policy and procedures to secure the DNS services of a company or an organisation, and from the point of view of competent authorities defining requirements for deployment.
Stay tuned – subscribe to RSS feeds of ENISA news itemshttp://www.enisa.europa.eu/media/news-items/news-wires/RSS
Your feedback can help us maintain or improve our content.
The European Union Agency for Cybersecurity (ENISA) is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe.
ENISA contributes to EU cyber policy, enhances the trustworthiness of ICT products, services and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow.
This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.
About The Author
More Stories
How RightsCon Is an Unexpected Stress Test for the Multistakeholder Model of Internet Governance
From Coverage to Meaningful Connectivity: How Kenya Is Leading Africa’s Internet Future
Community Snapshot—April