DNSSec ensures that when you do a DNS query, the IP address that you receive is the actual IP address the domain operator placed into the DNS server. It basically performs the same function for DNS that the HTTPS certificate performs for HTTP. All this does is ensure that the user has the correct IP address. A subsequent request for data at that IP address can still be hijacked my a MITM if HTTPS is not used.Originally Posted by whiteflags
