What is DNSSEC?
DNSSEC (Domain Name System Security Extensions) is an Internet security protocol designed to detect and stop the interception and alteration of data on authoritative servers. DNSSEC provides the Internet user with the credibility that the website he is visiting truly corresponds to the one located at the address he entered in the Internet browser.
The introduction of DNSSEC is a long-term strategy for ensuring a higher level of Internet security, and its introduction not only protects users and their data, but also helps build a more secure system globally.
Who can/should use it?
Internet users do not need to take any additional steps. If the ISP (Internet Service Provider) supports DNSSEC, then users are protected and security checks are performed on the ISP's DNS servers.
Holders of the .hr domain in the domain administration, independently or through an authorized registrar, enter DS records (delegation signer) and thus enable the use of DNSSEC. DS records are provided to the domain holder by the hosting service provider where the websites are hosted.
It is important to point out that due to the distributed nature of the DNS system, DNSSEC needs to be supported by a large number of DNS service providers in order for its usability to be relevant.