NIST releases standards for securing domain names

The National Institutes of Standards and Technologies have released new guidelines for securing Domain Name Systems (DNS) today. Special Publication 800-81 details threats and how best to approach them as well as specific recommendations on secure configurations for DNS and their associated mechanisms.

Domain names have two unique characteristics that set them apart from other distributed systems: they have no defined system boundaries and no confidentiality, as Web site domains are essentially accessible to anyone. Conventional network-level attacks can cause denial-of-service and access problems.

NIST recommends that agencies implement appropriate system and network security controls for securing the DNS hosting, protect transactions such as name resolution data and data replication, and protect the query/response transaction using digital signatures. The publication also recommends enforcing content control of DNS name resolution using integrity constraints.

The publication can be downloaded in PDF format here:


  • 2020 Government Innovation Awards
    Government Innovation Awards -

    21 Public Sector Innovation award winners

    These projects at the federal, state and local levels show just how transformative government IT can be.

  • Federal 100 Awards
    cheering federal workers

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

Stay Connected