The base DNS specification has certain security vulnerabilities that, with recent findings, makes it even more trivial for someone to spoof DNS responses and have the application act upon these responses. In this day and age of cloud based and web-based services it becomes even more important for an application to know that it is reaching its intended destination and to react appropriately to spoofing incidents. With DNSSEC now being actively deployed across various name server installations, now is an opportune time for applications to begin to take advantage of some of the benefits that DNSSEC provides. In this presentation we will focus on the extensions we made to the Firefox browser such that it supports various DNSSEC indicators. We will briefly discuss an API we have developed and the modifications we have made to the application user interface. We do so in order to encourage application developers to consider DNS security implications in their Internet and web applications, and to encourage them to think of even more innovative ways of harnessing the benefits of this technology.
Speaker bio will be posted shortly.