Skip to Main Content
The Domain Name System is critical for the proper operation of applications on the Internet. Unfortunately, the DNS has a number of significant security weaknesses that can result in the compromise of Web sites, e-mail messages, and log-in sessions. Additionally, these weaknesses have been used as the basis for man-in-the-middle attacks on what are considered secure network protocols. This paper provides a short description of the weaknesses of the current DNS and a description of DNS security extensions that will solve the existing insecurities.