Search DNSSEC Blog


Tuesday, July 28, 2009

Experts Show the Way Towards a Better, More Secure Internet for Everyone

Internet Society - STOCKHOLM - Some of the world's leading experts met in Stockholm today to discuss how the Internet can become more secure through a full implementation of new security standards in the Domain Name System (DNS).

The Domain Name System is a critical operational element of the Internet, creating a user-friendly environment that allows names to be mapped to host addresses (for example, web and email servers). However, this system is not safe from tampering. Earlier this year, one of Brazil's biggest banks suffered an attack that redirected its customers to fraudulent websites that attempted to steal passwords and install malware.

Many experts are calling for a full-scale implementation of Domain Name Security Extensions (DNSSEC) which could protect the Internet from these types of attacks, such as the Kaminsky Bug. Patrik Wallström of .SE (the Top Level Domain Registrar for Sweden) explained that Kaminsky attacks can trick Internet users by taking over domain names and redirecting queries to another server. All applications are at risk including among others our email and online transactions.

Leslie Daigle, Chief Internet Technology Officer of The Internet Society (ISOC), which organized the event: "DNSSEC effectively wraps tamper proof packaging around the data being requested to assure the user that the information is what was shipped from the authentic source."

"While DNSSEC isn't a magic bullet, it is a very important starting point that allows us to start evaluating how to secure the many applications that are intertwined with the Domain Name System," explained Jim Galvin, speaking on behalf of the Public Interest Registry that manages the .org domain name.

Richard Lamb, DNSSEC Programme Manager of ICANN added that "momentum has been building up. Today there is a generalized awareness that we need to implement the security extensions already at the root of the domain name system. With the widespread deployment of DNSSEC, we will be able to create a platform for innovation, new product development and international cooperation."

Matt Larson, Vice President of DNS research at VeriSign, one of the world's leading providers of network infrastructure services discussed VeriSign's plans for deploying DNSSEC in .com and .net. He said: "We are committed to the application of DNSSEC and have had a long history of involvement in its development. We are planning to have .net signed by the end of 2010 and .com signed in early 2011."

Securing the DNS panelists:

Patrick Wallström, SE Richard Lamb, ICANN Olaf Kolkman, NLnet Labs Leslie Daigle, The Internet Society Jim Galvin, Public Interest Registry Matt Larson, VeriSign
More details of the event, including presentations at:

Source: Internet Society - Retrieved on July 28th from

No comments:

Post a Comment