This website uses cookies to distinguish you from other users of our website. The use of cookies helps us to provide you with a specific service, to facilitate website use, to understand our visitors and to advertise to you. By continuing to browse the site you are giving consent to our use of cookies. Learn more in our Privacy Statement.

Domain Names

Authenticating the Internet from end-to-end


The Domain Name System (DNS), the Internet's addressing system, is the most critical component of the Internet infrastructure. Without it, the Internet could not function.

However, it was not designed with security in mind. As a result, it is vulnerable to man-in-the-middle (MITM) attacks and cache poisoning. These threats use forged data to redirect Internet traffic to fraudulent sites and unintended addresses.

Once an unsuspecting user or device reaches the fraudulent site, cyber criminals can potentially extract credit card data, steal user passwords, eavesdrop on voice over IP (VoIP) communications, plant malicious software or display images and text that defame the legitimate brand or provide misleading information. Given that a single DNS name server can act as the name-to-address resolution point for thousands of users, the potential impact of a MITM attack or cache poisoning can be considerable.

Verisign has been involved in DNSSEC development since 2000, and our engineers played a leading role in the development of the NSEC3 protocol. We continue to collaborate with the internet technical community as DNSSEC testing, implementation and adoption move forward.

Verisign collaborates with tech community on DNSSEC test