Difference between revisions of "Securing DNS"

From XMPP WIKI
Jump to: navigation, search
Line 1: Line 1:
 
'''Work in Progress. Check back later.'''
 
'''Work in Progress. Check back later.'''
  
This page provides some basic instructions for signing a DNS zone with DNSSEC.
+
This page provides some basic instructions for signing a DNS zone with DNSSEC, using the popular ISC BIND DNS server software.
 +
 
 +
It is a good idea to protect XMPP DNS records (or for that matter, any DNS records) with DNSSEC. To do this, you need to "sign" the DNS zone that contains your XMPP DNS record(s). DNSSEC adds digital signatures for DNS records in the zone, and these signatures can then be verified by other people using DNSSEC aware resolvers.

Revision as of 21:56, 29 December 2013

Work in Progress. Check back later.

This page provides some basic instructions for signing a DNS zone with DNSSEC, using the popular ISC BIND DNS server software.

It is a good idea to protect XMPP DNS records (or for that matter, any DNS records) with DNSSEC. To do this, you need to "sign" the DNS zone that contains your XMPP DNS record(s). DNSSEC adds digital signatures for DNS records in the zone, and these signatures can then be verified by other people using DNSSEC aware resolvers.