DNSSEC stands for Domain Name System Security Extensions. It is a service that checks the authenticity and integrity of requested DNS data. DNS queries are “verified” to prevent abuses such as man-in-the-middle attacks.
Previously, it wasn’t possible to check whether DNS responses were correct or fraudulent, and whether you had really connected with the correct partner.
-
DNSSEC ensures a trustworthy DNS by making fraudulent responses visible.
-
By making it possible to check the authenticity of DNS responses, it ensures that DNS can be used as a trustworthy source of information.
DNSSEC is based on verifiable digital signatures. DNS entries are marked with a cryptographic signature which can be used to check that a DNS response is correct and has not been tampered with.
The owner of a zone ("domain") must actively choose to sign their domain with DNSSEC. They must explicitly make the decision to activate DNSSEC.
How do I activate DNSSEC for my domain?
To activate DNSSEC, log in to the Control Panel with your Hostpoint ID. Select “Domains” and edit the desired domain. Scroll down and activate DNSSEC by clicking on “Activate DNSSEC”.
For support requests please use this form instead.