Archive for category News

New Year puts DNSSEC on resolution lists

Whether practical or predictive, several articles summing up 2009–or looking ahead to the new decade–put DNSSEC high on the list of cybersecurity solutions on their radar, including these articles:

  • PC World put DNS security among its “top 10 security nightmares of the decade,”   noting that DNS flaws uncovered in the past year “have hastened the move to newer standards, such as DNSSEC, which authenticates data in the DNS system, and a newer version of SSL/TLS. Look for the replacement of existing protocols to continue in the coming years.”
  • focused on five security industry themes for 2010, with the stepped-up pace of DNSSEC deployment among the themes to watch. From the article: “Fortunately there has been a lot of work behind the scenes as top-level domains are deploying DNSSEC, the next generation of DNS that supports encryption. Implementation until now has been slow. Digital signing of DNS requests and responses is already being supported by .gov and .org and universities are also deploying support. The .us zone was signed in December. The largest zone, .com, is not expected to sign on until 2011, but one expert said the domain could move faster, giving even more clout to DNSSEC this year.”
  • made 2010 predictions in security, calling 2010 “The Year of DNSSEC,” and quoting  Rodney Joffe, senior technologist at NeuStar and director of the Conficker Working Group that DNSSEC, “together with IPv6…will catapult the DNS to the front of everyone’s thoughts.” 

No Comments

Deployment watch: .pt,,,.de

DNSSEC deployment got a running start in the new year, producing these updates on deployment progress around the world:

  • Portugal’s .pt has been signed and in production beginning January 4.
  • December saw deployment of DNSSEC in, the Energy Sciences Network at the Lawrence Berkeley National Laboratory, which is a high-speed network serving thousands of U.S. Department of Energy scientists and collaborators worldwide.
  • January 1 brought DNSSEC deployment in the University of California Berkeley’s
  • DENIC has announced that Germany’s .de DNSSEC testbed is now running an NSEC3-enabled zone.

Help us stay up-to-date on your organization’s deployment news by submitting information about your DNSSEC deployment deadlines, test beds or other progress to info @

No Comments