You are here

DNSSEC-protected .rs and .срб domains

21/05/2020

Someone malicious, given the opportunity to intercept communication with a DNS server or to alter the DNS response by some other means, can redirect users to a completely different location on the Internet. Theft of personal data, bank account and credit card numbers or confidential business data, can often be disastrous both for users and for those whose Internet service has been hijacked.

Recently RNIDS has made it possible to protect all domain names in the .rs and .срб domain space from fake DNS responses. DNSSEC allows the authenticity of the source from which the DNS response was received to be validated, as well as the integrity of the response itself. In practice this means that all those using DNS servers with active DNSSEC record validation can be safe in the knowledge that the DNS response for DNSSEC-signed domains has not been altered en route from the server to the user.

Since these changes to the domain name registration system were put in place, several dozen .rs domains have been protected with DNSSEC signatures. Our common goal is to ensure the most secure Internet environment possible, and that includes the security of domain names and the DNS system. That is why we strongly recommend that .rs and .срб domains, which are the most used in Serbia, be protected using one of the domain name protection options and using DNSSEC signatures. Just like all other services relating to domain names, forwarding DNSSEC records to RNIDS is done via the accredited registrar with whom the domain is registered. You can read more about this service, and about how you can check whether the DNS servers you are using have DNSSEC validation activated, in our article about DNSSEC.