Skip to main content Skip to search
April 20, 2017

The DNS CERT Record Type Explained

NS1 now supports CERT resource records for storing certificates in DNS. Part of encrypting sensitive content involves verifying the authenticity of the sending and receiving parties. CERT records store and provide that information.

Defined by RFC 4398 which is updated by 6944, CERT resource records provide a space in the DNS for certificates and related certificate revocation lists (CRLs). These certificates verify the authenticity of the sending and receiving parties. The CRLs identify the certificates that are no longer valid.

Secure communications are essential for any business. One industry in particular that benefits from DNS CERT records for secure email is the healthcare industry. The healthcare industry handles millions of pieces of sensitive patient information every day. Organizations in this industry benefit from DNS CERT records that allow them to send patient information via secure email. Directtrust, a non-profit consortium of healthcare organizations, developed and promulgates the technology healthcare organizations can use to securely exchange healthcare information. This solution facilitates faster healthcare results for patients while keeping organizations in compliance with HIPAA regulations.

In addition to maintaining email security, you still need to follow DNS best practices on your network. Maintaining redundancy with a secondary DNS provider is essential to avoid a single point of failure in your DNS network. Both your primary and secondary DNS providers need to support CERT records in order to maintain redundancy for your encryption configuration.

NS1 is now able to add that security for your DNS needs along with all of the other benefits of our global DNS network. This solution is available whether you need primary DNS, secondary DNS, or both, using our Dedicated DNS solution. Get in touch with us to discuss your projects and goals for secure email with CERT records.