RESTON, VA – A request by .ORG, The Public Interest Registry to bolster Internet security via the implementation of Domain Name Security Extensions (DNSSEC) was unanimously approved by the board of Internet Corporation for Assigned Names and Numbers (ICANN) at the recent Paris meeting. As the first generic Top Level Domain authorized to implement DNSSEC, .ORG also is preparing an education and adoption plan within the Internet infrastructure community.
DNSSEC is designed to protect Internet servers from domain name system attacks, such as DNS cache poisoning by malicious users. It is a set of DNS extensions which provide origin authentication of DNS data, data integrity, and authenticated denial of existence. A recent survey of nameserver and hosting providers within the Réseaux IP Européens (RIPE) community (http://ripe.net/ripe/) indicates that despite the high recognition of the need for DNSSEC, adoption will not be widespread until there is a signed root and implementation by gTLD registries.
"Given the recent spotlight in the news on DNS vulnerabilities and attacks, the unanimous approval by ICANN is a vote of confidence in our leadership on an issue of vital importance to the future of the Internet," noted .ORG’s CEO Alexa Raad. "Encouraging the adoption of needed technologies in the interest of the greater good is a core part of the .ORG mission. We will do our part but also look to ICANN for leadership in ensuring speedy execution to sign the root."
Steve Crocker, chair of ICANN’s Security and Stability Advisory Committee and CEO of Shinkuro, Inc, said, "Deployment of DNSSEC in .ORG is a big step forward for the security of the Internet. This will make secure DNS service available in the global gTLD community and thus available to everyone. I applaud .ORG, The Public Interest Registry for their leadership."
Information on the DNSSEC technical process may be found at www.dnssec-deployment.org.