Domain Name System Security Extensions (DNSSEC) are security protocol extensions for the Domain Name System (DNS), designed to ensure the integrity and authenticity of DNS data. The eco Email Competence Group, Anti-Abuse Competence Group and Names & Numbers are calling for the rapid and widespread introduction and use of DNSSEC, as the extensions offer numerous advantages, such as:

• Protection against DNS cache poisoning
• Protection against fake DNS responses
• Prevention of Man-in-the-Middle attacks
• Increased trust and reliability on the Internet
• Enabling further security protocols such as DANE (DNS-based Authentication of Named Entities)

Patrick Koetter, Head of the eco Anti-Abuse and Email Competence Groups says: “Only with DNSSEC can you really trust the responses from the DNS and then act accordingly. The traditional DNS alone cannot do this. Every day, far-reaching and costly decisions are made based on DNS responses, such as in online banking or when buying and paying for goods. The DNS information must be correspondingly trustworthy for users, which is ensured by DNSSEC.”

Thomas Rickert, eco Director Names & Numbers, adds: “DNSSEC can be implemented easily and securely. The concerns expressed after the introduction of DNSSEC, such as the difficulty of implementation and increased support efforts, are either unfounded or no longer applicable. There is no longer any reason not to implement it and raise the security level in DNS.”

An eco survey is currently being conducted to determine which hurdles are still preventing companies from introducing and using DNSSEC across the board. The Competence Groups aim to find out how to help companies that are still hesitant.

Participate in the survey now (duration approx. 2 minutes):
https://topdns.eco.de/dnssec-survey/