Sciweavers

CNSM
2010

A performance view on DNSSEC migration

13 years 9 months ago
A performance view on DNSSEC migration
In July 2008, the Kaminsky attack showed that DNS is sensitive to cache poisoning, and DNSSEC is considered the long term solution to mitigate this attack. A lot of technical documents provide configuration and security guide lines to deploy DNSSEC on organization's servers. However, such documents do not provide ISP or network administrators inputs to plan or evaluate the cost of the migration. This paper describes current deployment of DNSSEC and provides key elements to consider when planning DNSSEC deployment. Then we focus our work on performance aspects and provide experimental measurements for both DNS and DNSSEC architecture. Experimental results evaluate the cost of DNSSEC for authoritative and recursive server with different implementations.
Daniel Migault, Cedric Girard, Maryline Laurent
Added 10 Feb 2011
Updated 10 Feb 2011
Type Journal
Year 2010
Where CNSM
Authors Daniel Migault, Cedric Girard, Maryline Laurent
Comments (0)