DNSSEC (DNS Security Extensions)
Embed This Widget
Add the script tag and a data attribute to embed this widget.
Embed via iframe for maximum compatibility.
<iframe src="https://statuscodefyi.com/iframe/glossary/dnssec/" width="420" height="400" frameborder="0" style="border:0;border-radius:10px;max-width:100%" loading="lazy"></iframe>Paste this URL in WordPress, Medium, or any oEmbed-compatible platform.
https://statuscodefyi.com/glossary/dnssec/Add a dynamic SVG badge to your README or docs.
[](https://statuscodefyi.com/glossary/dnssec/)Use the native HTML custom element.
A suite of extensions to DNS that adds cryptographic authentication to DNS responses. DNSSEC uses digital signatures to verify that DNS records have not been tampered with during transit. It protects against cache poisoning and man-in-the-middle attacks. DNSSEC adds RRSIG, DNSKEY, DS, and NSEC record types. Validation failures return SERVFAIL responses. DNSSEC does not encrypt queries — that is addressed by DoH and DoT.