NS1, the leader in next generation DNS and application traffic management solutions, announced it collaborated with experts from Salesforce on the first implementation of multi-signer DNSSEC, which enables the cryptographic signing of DNS records across zones with multiple DNS platforms.
Engineers from both NS1 and Salesforce are leading the industry-wide initiative to provide a safer internet for all organizations and users through multi-signer DNSSEC, which is currently under review by the Internet Engineering Task Force (IETF).
DNSSEC, a set of enhancements to standard DNS functionality, prevents DNS spoofing and cache-poisoning attacks by cryptographically signing records in order to prove their authenticity. However, traditional implementations often break modern traffic management features like geo-routing and global server load balancing.
These technical barriers have made it impossible to leverage DNS security extensions when using multiple DNS providers (platforms), which has limited enterprise adoption, leaving organizations unprotected.
“Multi-signer DNSSEC makes important strides in eliminating barriers to DNSSEC adoption by allowing for both redundancy and security without sacrificing the key proprietary features that ensure optimal performance,” -NS1 Lead Software Engineer Jan Včelák.