DIC: Domain Name Registries to Promote DNSSEC

Dec 04, 2008

The DNSSEC Industry Coalition (DIC) was founded in the U.S. with the goal to drive further development and acceptance of the DNSSEC security protocol. The consortium includes a half dozen top Domain Name Registries and software developers that are currently laying out an action plan.

Despite regular crises in the Domain Name System (DNS) and weaknesses of relevant software, such as shown by recent DNS attacks, the DNSSEC protocol has had a slow adoption rate. According to a recent survey by the Measurement Factory, among the estimated 11.9 million existing nameservers only a minute proportion use DNSSEC. The coalition intends to address this issue.

Certain registries have found common ground. Among them are the ones for the top domains .org, .info, .edu, .com, .net, and for country specific ones like .se, .uk, .tv and .cc. Add to these software providers such as ISC and BIND, which is by far the greatest provider of nameserver software.

In their announcement, the members of the DNSSEC Industry Coalition promise to develop common tools and applications to make DNSSEC easier to adopt. They also intend to set an example. The effect this will have on users outside the big ISPs is still to be seen. Technical solutions for DNSSEC have existed for a long time, but top name registries have been reluctant to adopt them up to now.

Related content

  • DNSSEC

    Some Internet exploits target name resolution servers. DNSSEC uses cryptography to protect the name resolution service.

  • Security Lessons: DNSSEC

    One of the largest holes in the Internet is finally plugged.

  • ISC Begins BIND 10 Development

    After 10 years the industry-independent Internet Systems Consortium (ISC) is embarking on a completely new BIND implementation with BIND 10. Its patrons and sponsors should ensure that the market leader in DNS implementation is more secure, flexible and highly scalable, although developers are keeping the details close to their chests at present.

  • Charly's Column: Nameserver Diagnostics

    Many administrators rely on Linux tools whose fate is already sealed, but external forces can help people let go of old habits.

  • 25C3: Dan Kaminsky Invokes DNSSEC

    Dan Kaminsky, front man of the DNS attacks band the middle of 2008, has delivered a retrospective at the 25th annual Chaos Communication Congress (25C3) on the background and process of DNS vulnerability. But he also set his sights on the future. And outside-the-box thinker Dan J. Bernstein also had a thing or two to say.

comments powered by Disqus

Issue 168/2014

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News

njobs Europe
What:
Where:
Country:
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia