Search DNSSEC Blog


Wednesday, June 15, 2011

ICANN Leaders to Discuss Generic Top-Level Domains

"(The Hosting News) – Rod Beckstrom, ICANN’s President and Chief Executive Officer will join Board Chair Peter Dengate Thrush and Senior Vice President Kurt Pritz at news conference immediately following an historic special meeting of the ICANN Board of Directors to decide the future of new generic top-level domains (gTLDs).

The potential expansion of new gTLDs could mark one of the biggest changes ever to the Internet’s Domain Name System."


Monday, June 6, 2011

Getting started with a DNSSEC implementation

"Can you clarify what fixes are being implemented to the DNS system (via DNSSEC) to make it more secure? Do enterprises need to take any action in turn or will these DNS security improvements be transparent?

Attackers sometimes attempt to manipulate DNS records through cache-poisoning attacks that insert malicious false DNS records into a server. Attackers hope these records will be distributed to client machines, which will then unknowingly guide users to malicious webpages.

Until recently, there was little that could be done on the client side to defend against this type of attack.  But the release of the DNS Security Extensions (DNSSEC) changes that, allowing for the application of digital signature technology to DNS records, and providing the end user with assurance that the record is authentic.
The idea to secure DNS has been around for over a decade, but it took time to work out the details, and adoption has been quite slow.  Over the past year, the idea picked up some steam, especially after the publicity surrounding the DNS vulnerabilities that Dan Kaminsky announced at 2010 Black Hat Briefings conference.  Major network and hosting providers such as Comcast and GoDaddy have joined the federal government in deploying DNSSEC.

If you want to get started with a DNSSEC implementation"

Source: Getting started with a DNSSEC implementation, By Mike Chapple, Contributor,, Retrieved on June 6, 2011 from