Securing the last mile of DNS with CGA-TSIG

Published: Wed 08 January 2014
Last updated: Wed 21 February 2024

TSIG with shared keys is not scalable as a solution for the DNS last mile problem. CGA-TSIG extends TSIG with CGA so that shared secrets are no longer required. This research investigates the CGA-TSIG proposal by doing a security analysis and by making a PoC implementation in ldns.

Related links: