What is a DNSSEC?

When you type in the domain name of the website you want to visit, it has to be translated into a number by a specific system. So, in order for the connection to get established – these names have to be translated to numeric equivalent, i.e. IP addresses. The system that makes this happen is called Domain Name System (DNS). It is also known as the phone book of the Internet as it tells computers the exact location of the websites and shows them where to send request and retrieve information.

In July 2008, the CERT Coordination Center announced that a fundamental flaw was found in the Domain Name System (DNS) protocol. A solution to this flaw has been proposed – DNSSEC. This was a way to bring cryptographic assurance to results provided by DNS. DNSSEC is a technology developed to protect against these malicious attacks by digitally signing data so users are sure it is valid. DNSSEC protects the internet community using a public key cryptography for digitally signing authoritative zone data and validating its destination. It means that response from root name server on question where .ME name server is includes a signature key from the .ME name server.