Home / Companies / Cloudflare / Blog / Post Details
Content Deep Dive

DNSSEC: Complexities and Considerations

Blog post from Cloudflare

Post Details
Company
Date Published
Author
Nick Sullivan
Word Count
2,631
Company Posts That Month
4
Language
English
Hacker News Points
8
Post removed?
No
Summary

This blog post discusses some complications associated with Domain Name System Security Extensions (DNSSEC), an extension to the Domain Name System (DNS) that provides a system of trust for DNS records. The main issues are zone content exposure, key management, and the impact on DNS reflection/amplification attacks. Zone content exposure occurs when enabling DNSSEC may expose otherwise obscured zone content. Key management is another concern as DNSSEC was designed to operate in various modes, each providing different security, performance, and convenience tradeoffs. Lastly, operators running an authoritative DNS server are often nervous their server will be used as a conduit for malicious distributed denial of service (DDoS) attacks due to the fact that DNS uses UDP, a stateless protocol. CloudFlare is working on solutions to address these issues and reduce any negative impact they might have.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Real-time 1 98 21 12 +72%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.