6.033 | Preparation for Recitation on DNSSEC

Home / News

Schedule

Submissions

General Information

Staff List

Recitations

Tutorials

TA Office Hours

Piazza

Feedback

FAQ

Class Notes Errata

Excellent Writing Examples

2014 Home

Preparation for Recitation on DNSSEC

Read "Security Vulnerabilities in DNS and DNSSEC" by Ariyapperuma and Mitchell. If you recall earlier portions of 6.033, you should be able to skip Section 2.

This paper is about DNSSEC. DNS, as is, is an insecure system; DNSSEC is a proposed extension to DNS to mitigate some of the security concerns. It is not yet widespread.

Please answer the following question:

DNSSEC provides authentication, but not confidentiality. One can imagine a confidential version of DNS, though, where each client/server use public-key crytography to encrypt the requests/responses between them. What performance issues would this confidential version of DNS face? Name at least two.

(This question is just a way of asking "Why do you think DNSSEC does not provide confidentiality?")

Questions or comments regarding 6.033? Send e-mail to the 6.033 staff at 6.033-staff at mit.edu.

Top // 6.033 home //