[dns-operations] DNSSEC on Windows
Ondřej Surý
ondrej.sury at nic.cz
Mon Feb 16 13:51:16 UTC 2009
On Mon, Feb 16, 2009 at 1:58 PM, Lutz Donnerhacke <lutz at iks-jena.de> wrote:
> * Ondřej Surý wrote:
>>> DNSSEC uses Secure Sockets Layer (SSL) to ensure that client-to-server communication is secure.
>>> The use of SSL allows the DNS client to check that the server has a certificate that proves
>>> its identity as a valid DNS server. This adds an additional level of trust between the client
>>> and the server.
>>
>> Do they speak about TSIG? Or is this something only in MS Windows?
>
> Of course not! They tunnel DNS TCP over SSL using the certificate obtained
> from the active directory.
Thanks for hint. Quick STFG on 'DNS over SSL' showed nothing usefull :(.
Ondrej.
--
Ondrej Sury
technicky reditel/Chief Technical Officer
-----------------------------------------
CZ.NIC, z.s.p.o. -- .cz domain registry
Americka 23,120 00 Praha 2,Czech Republic
mailto:ondrej.sury at nic.cz http://nic.cz/
sip:ondrej.sury at nic.cz tel:+420.222745110
mob:+420.739013699 fax:+420.222745112
-----------------------------------------
More information about the dns-operations
mailing list