The Current and the Future States of DNS Security (2020)
./intro
Domain Name System (referred to as DNS from here onwards) is one of the oldest protocol/technology stacks that we still use on our networks.
Its origins date back to 1987, when its original RFCs were made public (there were two, RFC1034 and RFC1035).
Back then, no security controls were added to the DNS specification.
Over a decade went by, the Web took over (and neither the Information at your fingertips nor the Information Superhighway projects saw their market release) and, as a result, DNS started being used at large scale on the internet. Only then, in the early 90s, after many political discussions around cryptography and internet privacy (and internet security, see RFC6973) took place, was it decided that some security controls for the protocol were needed.
The purpose of this document is to present what the proposed solutions were and where we stand nowadays with regard to security for the DNS infrastructure. This will serve you as a guide for further research on the subject; I’ve made sure to share a substantial number of references and sources on the topics so that you can do that later.
./dnsfoundation
Before you move on, it may be worth reviewing how DNS works.