DNSSEC stands for Domain Name System Security Extensions and is an extension of the old DNS system. The use of DNSSEC provides DNS records with a digital signature and makes it possible for the requester of a DNS record to validate this request. It is therefore impossible to perform DNS spoofing or man-in-the-middle attacks. To enable DNSSEC, DNS servers are provided with a system that adds asymmetric cryptography. This makes it possible to “sign” requested DNS records with a private key. The requester can then use a public key to verify the authenticity of the received information.