WingNews logo WingNews
top | item 41993145

(no title)

timokoesters | 1 year ago

I often hear complaints about DNS. How secure is it in practice and why are there little efforts to fix it?

discuss

order

fragmede|1 year ago

Not especially, but most websites are protected by TLS, so the problem that DNS is insecure is less of a problem. It's mainly a coordination problem, you have up get a lot of people on board to design a new DNS-SECure, and then everyone would also have to adopt it. Which they did (create DNSSEC, that is), but it has not seen the desired adoption. The other one is DoH, DNS over https. It's not without issue either though. So there are efforts, it's just a hairy coordination problem.

timokoesters|1 year ago

For TLS certificates, the certificate authority has to look up IPs to verify the domain. So the security is still based on DNS, right?