Domain Name Security Extensions (DNSSEC) protects the DNS from cache poisoning exploits
These can allow malicious entities to intercept an Internet users’ request to access a website, and redirect or eavesdrop on the user without their knowledge , and with no ability to reassert control.
DNSSEC introduces digital signatures to the DNS and automatically ensures that users are not hijacked and taken to an unintended destination.
DNSSEC adds digital signatures to each DNS transaction
With DNSSEC, users and servers can verify DNS responses for:
The data is protected. It does not matter what server or resolver provides the data.
afilias.info ? afilias.info 184.108.40.206 DOMAIN NAME SYSTEM ZONE SERVER Internet user DNSSEC
How do I know if a .INFO is secured with DNSSEC? Download the Mozilla Firefox plug-in at http://www.dnssec-validator.cz/
This screenshot was taken on September 1 before .INFO was signed. Because afilias.info did not have DNSSEC information, the plug-in showed a white key with a red circle.
Once the .INFO zone and the second level domain afilias.info were signed, the plug-in changed to show a green key. This confirms that the domain name is secured using DNSSEC technology and that the integrity of the DNS data has not been breached during transmission.
If you download the DNSSEC-Validator plug-in, be sure to check your validator settings
Go to Tools > Add-ons and Click Options under the DNSSEC Validator plug-in.
Select your preference for validating resolvers.
Comcast customers can enter 220.127.116.11 or 18.104.22.168 under the Custom radio button. These resolvers can be used to validate DNSSEC as well as be used for everyday Web surfing.
These domains are participating in our “friends and family” period