The purpose of Domain Name System Security Extensions (DNSSEC) is to protect the internet from external attack, web users have been told.
According to DNSSEC.net, the protections add another layer of security to the global internet naming system, guarding against threats such as cache poisoning.
The news provider explained that DNSSEC is a set of extensions to the domain name system which provide origin authentication of DNS data, data integrity, and authenticated denial of existence.
“These mechanisms require changes to the DNS protocol,” the website said.
“DNSSEC adds four new resource record types: Resource Record Signature, DNS Public Key, Delegation Signer, and Next Secure.”
The extensions also add two new DNS header flags – Checking Disabled and Authenticated Data.
DNSSEC services protect against most of the threats to the domain name system, albeit they do not provide confidentiality of data.
Research into domain name system security began in 1990 after flaws were discovered, with the first security extensions released in 1997.