But such architectures are complex, may require specialist skills and come with high software management overheads. Legacy mission-critical applications, such as databases, are not always set up to look after their reliability on their own without depending on hardware and operating system / hypervisor mechanisms. To move such applications to the cloud and maintain their reliability, organizations may need to substantially refactor the code.
There are two parts to DNSSEC: the adding of digital signatures to DNS responses, or “signing”, and the validation of these signatures within the process of resolution of DNS names. Let’s have a look at each of these parts in turn to see how we measure the uptake of DNSSEC and what kind of result we’re seeing.