In order to provide more security for the Domain Name System (DNS), a group of large domain-name registries and registrars has got together with IT security providers and government agencies to launch a new workgroup: the “Registry Internet Safety Group” (RISG). The announcement was made by the Public Internet Registry, which operates the .org domain, and its backend provider Afilias. The group’s aims were presented by Afilias’ CTO Ram Mohan at the opening of this year’s Systems IT trade show. On the one hand, security incidents can be communicated quickly within the group, explained Mohan. On the other, the workgroup is also to develop its own regulations for ensuring optimum operational security in the domain registry business.

So far, other members of RISG include the big Neustar registry (.biz and .us) as well as the Dutch, Chinese and UK country-code domain registries. Furthermore, there are a number of major US registries as well as security providers Cyveillance, Symantec and Shinkuro and the US’ FBI. According to Mohan, a national European police authority has also expressed an interest. One big US corporation is still missing, however: registry market leader VeriSign.

As an example for “best practice” procedures, Mohan mentioned the promotion of separate passwords for the individual domains within a portfolio. Until now, the same password has often been used for all the domains held by one customer. This makes all the domains vulnerable if the customer’s account is compromised. The example also demonstrates why the new alliance goes beyond the existing institutions, said Mohan. “Symantec or Syveillance can send a password through their systems to find out whether it has made an appearance there”, he explained. However, the security providers are not part of ICANN (the Internet Corporation for Assigned Names and Numbers), he said.

RISG’s second field of duty is to provide a kind of CERT for the registry business. As soon as a partner discovers a new attack on the DNS, the relevant information is forwarded to all the other partners. The initiators hope that this way they can faster counteract cache poisoning attacks—which compromise the data in the temporary memory of web servers.

RISG was recently introduced at a meeting of the Council of European National Top Level Domain Registries (CENTR). Initial responses to the launch have been tentative. One observer asked, “Is this another committee which defines standards and keeps its competitors out?” “Perhaps this is a little bit of ‘security by press release’”, said another, but did concede that even that could be helpful.

This post has been reproduced here with kind permission from Heise Online.