Home / Industry

DNSSEC FUD Buster: DNSSEC is Not Necessary?

  • Nov 06, 2008 12:55 AM PST
  • Views: 4,994
Print
By PIR  (Sponsored Post)

.ORG, The Public Interest Registry is pleased to announce the next guest blogger for our DNSSEC FUD Buster series. Ram Mohan is the Executive Vice President, & Chief Technology Officer of Afilias Limited. Ram has led the strategic growth initiatives at Afilias Limited in registry services and security as well as new product sectors such as RFID/Auto-ID, global DNS and Internationalized Domain Names (IDNs). He joined the ICANN Board of Directors in November 2008 as a non-voting liaison from the Security and Stability Advisory Committee (SSAC), a Board advisory committee comprised of Internet pioneers and technical experts including operators of Internet root servers, registrars, and Top-Level Domain (TLD) registries. Ram will provide valuable information to our readers on the importance of DNSSEC.

I hear some talk out there that DNSSEC is not necessary. This is troubling to hear for someone in my role as a CTO in a technology company working on critical infrastructure. DNSSEC is an addition to the existing Domain Name System (DNS) protocols. It is designed to add security to the DNS by protecting the Internet from specific attacks, namely data modifications (a.k.a. cache poisoning) and traffic hijacking. DNSSEC adds origin authentication of DNS data and authenticated denial of existence. If you run a large or medium sized enterprise, are using or plan to use Service Oriented Architectures (SOAs) or Cloud/Grid computing, you depend upon having servers and services accessible and available — and that the RIGHT service provider will respond to your website and email traffic.

Without DNSSEC, users accessing your critical services hosted on a cloud somewhere can be hijacked and taken elsewhere without their knowledge or control.

Imagine having services sitting on a SoA platform, with access to these services being mimicked by a hacker who redirects your users and steals critical information and causes your organization reputational (and financial) harm.

The bottom line is that without DNSSEC, no website or email is safe from a potential traffic hijacking. Internet security researcher Dan Kaminsky proved it can be done in just a few seconds.


About PIR

PIRTrusted across all ages, backgrounds and nationalities, .ORG is where people turn to find credible information, get involved, fund causes and support advocacy. .ORG, The Public Interest Registry empowers the global noncommercial community to use the Internet more effectively and, concurrently, takes a leadership position among Internet stakeholders on policy and related issues on behalf of the .ORG Community. (Learn More)

Related topics: DNS, DNSSEC, Registry Services, ICANN, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:
Print

Related Blogs

What Does It Take To Repair Trust? What Will It Take ICANN To Win Back "Trust"? (Part I)

  • Feb 08, 2012
  • Comments: 0

Is ICANN Opening up Public Comment Periods in Bad Faith?

  • Feb 07, 2012
  • Comments: 1

10 Reasons Why New gTLDs May Not Work For You

  • Feb 07, 2012
  • Comments: 0

Phish or Fair?

  • Feb 07, 2012
  • Comments: 4

New gTLD Application Monitoring? Now?

  • Feb 06, 2012
  • Comments: 1
View More

Related News

DNSChanger Trojan Still Running on Half of Fortune 500s, US Govt

  • Feb 02, 2012
  • Comments: 0

Public-Private Cooperation Policy for Cyber Security Suggested by Commissioner Kroes

  • Jan 31, 2012
  • Comments: 0

DDoS Attacks Increased by 2000% in Past 3 Years, Asia Generating Over Half of Recent Attacks

  • Jan 31, 2012
  • Comments: 0

NASA Website Blocked Due to DNSSEC Error

  • Jan 25, 2012
  • Comments: 0

Websites Go Dark Protesting SOPA and PIPA, Senators Change Course

  • Jan 18, 2012
  • Comments: 0
View More

Topics

Access ProvidersLaw
BroadbandMalware
CensorshipMobile
Cloud ComputingMultilinguism
CyberattackNet Neutrality
CybercrimeP2P
CybersquattingPolicy & Regulation
Data CenterPrivacy
DNSRegional Registries
DNSSECRegistry Services
Domain NamesSecurity
EmailSpam
EnumTelecom
ICANNTop-Level Domains
Internet GovernanceVoIP
Internet ProtocolWeb
IP AddressingWhite Space
IPTVWhois
IPv6Wireless
View More

Industry Updates – Sponsored Posts

Top Level Domain Holdings Raises $14M for New gTLDs

.ORG COO Discusses Priorities With DailyVista, Pursuit of .NGO Domain

  • By PIR
  • Views: 306

StarHub to Acquire '.starhub' New Top-Level Domain

ARI Registry Services Signs 21 Contracts in the First Week of New TLD Applications

MarkMonitor to Exhibit at Internet Tech Policy Exhibition and Reception to be Held on Capitol Hill

Sedari Signs With Dot Moscow Bidders

.ORG, The Public Interest Registry Welcomes Nancy Gofus As Chief Operating Officer

  • By PIR
  • Views: 692

Minds+Machines Works with .bayern

The New Domain For Japan, JP.NET, Launches With Exclusive Invitation to Trademark Owners

Verisign to Award New Infrastructure Research Grants

Being a .PRO When Choosing a Registry Services Partner

UK Cabinet Office Looks to BlueCat Networks' Expertise and Best Practices for Securing PSN

Afilias Acquires Registry Services Corporation, .PRO

Thoughts on Applying for a Generic Top-Level Domain

Sedari Launches "Guess the Numbers Game" for New TLD Program

dot Brand Makes Its Debut: Afilias Advises Companies to Act Now for Successful TLD Applications

BlueCat Networks Helps Organizations Transition to IPv6 with HP

BlueCat Networks to Host Webinar on DNS, DHCP and IPAM Featuring Independent Research Firm

Facets of gTLD Registry Technical Operations - Registry Services

Technology and Finance Industries to Dominate New gTLD Applications

View More

Hot Topics

Verisign

Security

Sponsored by
Verisign
dotMobi

Mobile

Sponsored by
dotMobi
Neustar UltraDNS

DNS

Sponsored by
Neustar UltraDNS
Afilias

DNSSEC

Sponsored by
Afilias
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
View More