Toggle DNSSEC
Fri, Jun 21, 2024
When I was playing around with Cloudflare today, I had to disable DNSSEC
.
DNSSEC
(Domain Name System Security Extensions) is a suite of specifications used to secure information provided by the Domain Name System (DNS) through authentication and integrity checks, preventing attacks such as cache poisoning and ensuring that users reach legitimate websites. It uses digital signatures and public key cryptography to verify that DNS responses originate from their claimed sources and haven’t been altered.
I used dig
to check whether the deactivation of DNSSEC
has already been propagated.
Have a look at the last line.
The flag ad
is short for Authenticated Data and signifies that the data has been authenticated by DNSSEC, confirming its integrity and authenticity.
After I deactivated DNSSEC, the flag disappeared after a few minutes.
→ Deactivation was successful