Dot-org domains can now be protected by DNSSEC

The technology will help protect against man-in-the middle attacks

Mikael Ricknäs (IDG News Service)
24 June, 2010 02:56
Comments

On Wednesday, .org became the first generic top-level domain to offer its customers improved security using DNSSEC (Domain Name System Security Extensions).

DNS is a key building block of the Internet. The technology's most important task is translating IP (Internet Protocol) addresses to host names. When DNS was born in the early days of the Internet it was designed to scale up fast, and a trade-off was made between that and security, according to Alexa Raad, CEO at .org. The implementation of DNSSEC will help change that and protect users against man-in-the middle attacks, she said.

For users, this means they can be sure that the site they are visiting is actually run by, for example, their bank, and not a hacker, as long as they go to the correct URL.

For the rollout of DNSSEC to take off, registrars, to which domains turn when they want to implement the technology, will have to be on board. Today, 13 of .org's registrars can handle DNSSEC, according to its Web site. That Go Daddy, the worlds largest registrar, is one of them, will help create a domino effect and get more registrants to implement DNSSEC, according to Raad.

For the proponents of DNSSEC it's been a long road. The technology has been under development for almost two decades, but now it is starting to pick up. Last week, the cryptographic key that will be used to secure the Internet's root zone was created.

The fact that a large generic top-level domain now has moved from testing to actually using DNSSEC is a stamp of approval, which signals that the technology is now ready, according to Jakob Schlyter, IT security advisor at Swedish consultant Kirei. When Verisign starts offering DNSSEC on .net towards the end of the year and then soon after that on .com other domains will follow, he said.

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email TechWorld
Follow TechWorld on twitter

More about: SEC, VeriSign

References show all

DNS security reaches 'key' milestone

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Coverage

Related Whitepapers

TechWorld Blogs

- + c

TalkingTech

The view from the top of IT with TechWorld Editor Rohan Pearce

Recent blog posts

Latest Jobs

Zones

Twitter Feed

HamishBarwick In pictures: Capgemini opens new Canberra office http://t.co/EMDtHm3d #cw #cio #tw #capgemini

7 hours, 58 minutes
HamishBarwick Vodafone confirms spectrum licence renewal http://t.co/AXPovxwI #cw #cio #tw #vha #acma

9 hours, 12 minutes
glen_coates RT @Techworld_AU: How to build a B2B start-up (with @glen_coates from @handshake_app) http://t.co/ABLzaJId #startup #entrepreneur

9 hours, 40 minutes
HamishBarwick Telstra’s BigPond email to switch over to Windows Live http://t.co/ZysCYzTn #cw #cio #tw #telstra #bigpond #windowslive

11 hours, 59 minutes
HamishBarwick Sydney Water tender for data centre upgrade http://t.co/CNOjpqBv #cw #cio #tw #sydneywater

13 hours, 56 minutes