Top level domain authorities will begin implementing DNSSEC (Domain Name System Security Extensions) on May 5, 2010 and there are implications for virtually all enterprise IT departments. The requirements and changes were published in 2005 via RFCs 4033, 4034 and 4035. The details of those RFCs can be found at:
- RFC 4033 “DNS Security Introduction and Requirements”
- RFC 4034 “Resource Records for the DNS Security Extensions”
- RFC 4035 “Protocol Modifications for the DNS Security Extensions”
These changes were triggered by a paper that examined specific threats/vulnerabilities to the Domain Name System: RFC 3833 “Threat Analysis of the Domain Name System (DNS).”