[dns-operations] DNSSEC on Windows

Lutz Donnerhacke lutz at iks-jena.de
Mon Feb 16 12:58:55 UTC 2009


* Ondřej Surý wrote:
>> DNSSEC uses Secure Sockets Layer (SSL) to ensure that client-to-server communication is secure.
>> The use of SSL allows the DNS client to check that the server has a certificate that proves
>> its identity as a valid DNS server. This adds an additional level of trust between the client
>> and the server.
>
> Do they speak about TSIG?  Or is this something only in MS Windows?

Of course not! They tunnel DNS TCP over SSL using the certificate obtained
from the active directory.



More information about the dns-operations mailing list