Originally published at: http://www.howtogeek.com/161714/how-dnssec-will-help-secure-the-internet-and-how-sopa-almost-made-it-illegal/
Domain Name System Security Extensions (DNSSEC) is a security technology that will help patch up one of the Internet’s weak points. We’re lucky SOPA didn’t pass, because SOPA would have made DNSSEC illegal.
Good concise explanation. Thanks
Good explanation, but far too optimistic as regards future prospects. Rest assured that SOPA will indeed be back, in one version or another, as the people with the big bucks and their front organisations like the RIAA and the MPAA, whose influence in the US Congress and elsewhere should not be underestimated, are far more concerned with perpetuating their stranglehold over creativity than with the dangers that man-in-the-middle attacks represent for ordinary users....
I tried nslookup on my system and got this reply, which I don't really understand:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
It would seem that my Belkin router was involved, and OpenDNS intercepted my lookup request. I really expected a similar response to that shown in the article.
Presumably the "Non-authoritative answer" part of the response (which we currently are getting) will disappear only whenever DNSSEC becomes active. True? . . . I reckon that you should have shown this, Chris. Also, when is DNSSEC expected to be implemented, what stage of roll-out has it reached?
Bingo, here you go...
So how about the hosts file. If I stick some override in there, will I start getting warnings eventually because it cannot be verified, or will the hosts file always be trusted?
When is it anticipated this work will be completed?
I wonder how long it will take for them (the evil doers) to figure away around it?
gr8 article!! BTW, when this is going to be implemented and how we can ensure that such middle of Attacks can be avoided.