[dns-operations] DNSSEC on Windows

Ondřej Surý ondrej.sury at nic.cz
Mon Feb 16 13:51:16 UTC 2009

On Mon, Feb 16, 2009 at 1:58 PM, Lutz Donnerhacke <lutz at iks-jena.de> wrote:
> * Ondřej Surý wrote:
>>> DNSSEC uses Secure Sockets Layer (SSL) to ensure that client-to-server communication is secure.
>>> The use of SSL allows the DNS client to check that the server has a certificate that proves
>>> its identity as a valid DNS server. This adds an additional level of trust between the client
>>> and the server.
>> Do they speak about TSIG?  Or is this something only in MS Windows?
> Of course not! They tunnel DNS TCP over SSL using the certificate obtained
> from the active directory.

Thanks for hint.  Quick STFG on 'DNS over SSL' showed nothing usefull :(.

 Ondrej Sury
 technicky reditel/Chief Technical Officer
 CZ.NIC, z.s.p.o.  --  .cz domain registry
 Americka 23,120 00 Praha 2,Czech Republic
 mailto:ondrej.sury at nic.cz  http://nic.cz/
 sip:ondrej.sury at nic.cz tel:+420.222745110
 mob:+420.739013699     fax:+420.222745112

More information about the dns-operations mailing list