The domain name system (DNS) is a foundation upon which virtually all Internet applications depend, using it to find their way to remote servers of information and business. There is precious little in the traditional DNS protocol to guard and protect the DNS information, thereby opening up for malicious attacks from people who forge DNS information, and lead applications to forged services located elsewhere. Secure DNS (DNSSEC) is a set of extensions to the DNS protocol, to provide for better integrity and authentication in the DNS world. The building blocks are asymmetric encryption and crypto signatures. Lars-Johan Liman will give a technical overview of the Secure DNS extensions and their basic functions. Basic knowledge of the DNS system, its records and basic functions will be assumed from the audience.

Lars-Johan Liman, M.Sc., works at the Royal Institute of Technology (KTH) in Stockholm, Sweden, where he configured his first DNS server ten years ago. Today he holds a position as systems specialist at KTH's Network Operations Centre, and his primary task is to run the large DNS servers, including the root name server in Stockholm. Lars-Johan is also active in the IETF standardizations body, chairing the DNS operations working group, and he teaches on various DNS related courses.