Title: Using DNS to provide Application Security

Abstract:

DNS has been extended with a cryptographic method for validating data records retrieved by DNS queries.  This method, DNSSEC, has been primarily used to protect against cache poisoning attempts.  The focus of this effort has been to protect end users from being redirected to malicious sites.   The DNS, however, can be used to store many other types of records besides the IP address of a particular domain name.  This talk will discuss the use of DNSSEC to protect SSL certificates, email, IP routing, software downloads and other applications now that we have a way to publish authoritative information in a verifiable manner.