Securing InteropNET with DNSSEC Cory von Wallenstein VP, Engineering – Dyn Inc.
Internet Infrastructure as a Service DynECT Managed DNS & Email Delivery
DNS is names to numbers
twitter.com -> 184.108.40.206
5+ Million active users/clients
1000+ Enterprise clients
250,000+ Zones managed
100,000+ Domains registered
17 World-wide datacenters
Billions of queries per day
Billions of messages annually
User My Bank Insecure HTTP… end user beware! http – http://www.local.mybank.com
User My Bank Add HTTPS… verify domain owner. https – https://www.local.mybank.com Is the domain correct?
User My Bank But what verifies the IP in DNS? https – https://www.local.mybank.com Is the domain correct? But what about the IP address 220.127.116.11 that www.local.mybank.com resolved to… What verifies that? www.local.mybank.com A 18.104.22.168