The Weekly Dev - 202216
It is always DNSSEC
Or maybe not! The debate is quite hot about the need to secure DNS infrastructure. The stakes are high at some levels, and of course migrating all the existing infrastructures to a secure DNS has high costs, no wonder it is taking time, and pain, and suffer, and breaches.
But as I came to understand, apart from the big corporates, who have to manage their own DNS infrastructure, and have to put in place some crazy key-signing fool-proof workflow, if you use a decent registrar for your domains management, the transition from DNS to DNSSEC should be a matter of: "click ENABLE DNSSEC".
And if that's the case for you, you have to just do it, enable DNSSEC for all of your domains.
Keywords: [ git ] [ security ] [ privacy ]