CircleID

Afilias plans to deploy Domain Name System Security Extensions in 13 more top-level domains

Afilias, a global provider of Internet infrastructure services, today announced that it will deploy Domain Name System Security Extensions (DNSSEC) across its registry platforms, signing 13 more top-level domains (TLDs) and increasing DNSSEC deployment among domain registries by 50 percent.

How prepared is your registrar to offer DNSSEC services to your registrants TODAY?
© Afilias Limited - Registrar DNSSEC Readiness Report. Aug 2010 (www.afilias.info)”Afilias has been a leader in DNSSEC deployment, including working closely with .ORG to plan, design and implement the .ORG DNSSEC strategy as early as 2007," said Ram Mohan, Executive Vice President and Chief Technology Officer for Afilias. "We are pleased to introduce DNSSEC across our registry and DNS platform, protecting TLDs in our care from DNS cache poisoning and man-in-the-middle attacks, while maintaining consistency and convenience for registrars and their customers."

DNSSEC development began in the early1990s, but only recently became ready for broad deployment as an additional security measure to protect the DNS from cache poisoning exploits. Recently referred to as the Kaminsky bug, this exploit can allow malicious entities to intercept Internet users' requests to access a website, and redirects or eavesdrops on these users without their knowledge, and with no ability to reassert control. DNSSEC introduces digital signatures to the DNS infrastructure and automatically ensures that users' are not hijacked and taken to an unintended destination.

To deploy DNSSEC for these additional TLDs, Afilias is introducing a new global strategy, launched under its "Project Safeguard" initiative. Project Safeguard includes a registry and DNS infrastructure upgrade across Afilias' global technology platforms to support DNSSEC. It also includes a year-long registrar training initiative to address technical issues concerning implementation of DNSSEC in registrar-registry transactions.

As part of Project Safeguard, Afilias conducted research across domain name registrars to understand the issues they face with DNSSEC deployment. Afilias' Registrar DNSSEC Readiness Report found that:

• Registrars think DNSSEC is a good idea, but are not yet fully prepared to offer consumer services. 80 percent of registrars believe that top-level domain (TLD) registries should offer DNSSEC. However 90 percent of registrars currently feel completely unprepared or only somewhat prepared to actually offer DNSSEC services to their customers as this time.
• 69 percent of Registrars plan to offer DNSSEC services in 2011 or beyond. 32 percent have no plan to introduce DNSSEC within the next 12 months.
• Consumer demand is the biggest challenge for registrars. 56 percent cite a lack of consumer demand as their biggest challenge impeding their DNSSEC implementation.
• Registrars also cite issues with deploying DNSSEC technology: For example, nearly 20 percent cite the management of DNSSEC keys as their number one concern, followed by more than 18 percent that cite overall DNSSEC technology and expertise.

"Our goal is to help registrars navigate the challenges of enabling the next generation of Internet security with DNSSEC, by providing a simple and singular enablement process to easily deploy DNSSEC across Afilias-supported domain registries," said Mohan. "The Project Safeguard initiative should ease the technical burden of DNSSEC deployment and could spur user adoption."

Afilias will deploy DNSSEC first in the .INFO domain in September, to be followed by TLDs that it supports in Asia, the Latin America/Caribbean, and Europe. Based on the proven strategy for the .ORG registry's successful DNSSEC deployment effort, Afilias will adopt a similar, careful, step-by-step approach. This strategy will include a "friends and family period" which will coincide with registrar outreach.

DNSSEC statistics source: DNSSEC Deployment Initiative - as of 13 August 2010 26 TLDs had deployed DNSSEC.

About Afilias

Afilias is a global provider of Internet infrastructure services that connect people to their data. Afilias' reliable, secure, scalable, and globally available technology supports a wide range of applications including Internet domain registry services and Managed DNS. (Learn More)

Related topics: DNS, DNSSEC, Registry Services, Security, Top-Level Domains