Government implements DNSSEC on the .gov domain

The government has digitally signed the .gov top-level domain, effectively implementing the Domain Name System Security Extensions (DNSSEC) protocols throughout the top tier of the federal Internet space.

“On Feb. 28, 2009, DNSSEC became operational on .gov after the program successfully completed all required DNSSEC testing,” the General Services Administration, lead agency in the program, said today in a statement.

The signing came one month after the January deadline set by the Office of Management and Budget in August. The deadline had been pushed back when GSA officials found during testing that an additional feature was needed in the DNSSEC software being used.

“The .gov DNSSEC public key was registered [Feb. 28] with the Internet Assigned Numbers Authority (IANA) Interim Trust Anchor Repository (iTAR) and became available for use as the published trust anchor for .gov validation,” GSA said in its statement. “The .gov Top Level Domain is now considered an active DNSSEC signed zone.”

The next step in the governmentwide effort to better secure its DNS is for agencies to begin deploying DNSSEC within their second-level domains, such as gsa.gov, by the end of the year.

Source: Government Computer News, "Government implements DNSSEC on the .gov domain", William Jackson, Retrieved from gcn.com/articles/2009/03/05/dnssec-on-dot-gov.aspx from Mar 05, 2009