Home / Industry

Verisign Achieves Critical DNSSEC Milestone by Deploying Security Extensions in .com TLD

Verisign, Inc. announced today that .com — the Internet's largest domain with more than 90 million domain name registrations worldwide — now supports DNS Security Extensions (DNSSEC).

Deploying DNSSEC in the .com domain signals that Verisign has achieved a critical milestone in improving the integrity of Internet communications and the security of Domain Name System (DNS) transactions. This achievement comes after years of close and careful collaboration between Verisign, the Internet Corporation for Assigned Names and Numbers (ICANN) and a variety of Internet stakeholders, from registrars and Internet Service Providers (ISPs) to hardware and software vendors.

"By reaching this critical milestone in DNSSEC deployment, Verisign and the Internet community have made enormous strides in protecting the integrity of DNS data," said Pat Kane, senior vice president and general manager of Naming Services at Verisign. "But the threats against the Internet ecosystem — whether targeting the DNS or elsewhere — are unrelenting. That's why Verisign continually invests to ensure the security and availability of the Internet infrastructure."

DNSSEC helps close a known vulnerability within the DNS that has increasingly become a target for hackers and identity thieves. The security extensions apply digital signatures to DNS data to authenticate the data's origin and verify its integrity as it moves throughout the Internet. The extensions are designed to protect the DNS from man-in-the-middle attacks that corrupt DNS data stored on recursive name servers. With DNSSEC, poisoning a recursive name server's cache is much more difficult because DNS administrators sign their data. The resulting digital signatures on that DNS data are validated through a "chain of trust."

Gartner Research Director Lawrence Orans added, "The importance of DNSSEC in solving issues of trust on the Internet has reached a tipping point with the signing of .com — one of the most significant milestones in the history of DNSSEC to date. However, there is still more work to be done and the effective deployment of DNSSEC requires collaboration from all parties in the Internet ecosystem."

The deployment of DNSSEC in .com follows Verisign's successful 2010 DNSSEC roll-out in .net in December, .edu in August and the collaborative effort between Verisign, ICANN and the U.S. Department of Commerce to sign the DNS root zone in July. To support and encourage DNSSEC implementation, Verisign also operates a DNSSEC Interoperability Lab. Staffed by Verisign personnel, the lab helps solution providers, ISPs and others ensure the Internet communications ecosystem is ready for DNSSEC.

Verisign provides the registrar community with a variety of tools to reduce the cost and complexity associated with implementing DNSSEC. To assist in driving adoption, the DNSSEC Signing Service is being offered to registrars to help them incorporate signing and provisioning into their infrastructure, while reducing the administrative burden of providing DNSSEC support for their customers. In addition, the Verisign DNSSEC Analyzer is an iPhone application that can assist in diagnosing problems with DNSSEC-signed names and zones. The Verisign Network Intelligence and Availability (NIA) group is also helping domain owners ease the complex management necessary to operate a signed zone by integrating DNSSEC support into its unrivalled Managed DNS service.

Verisign's DNSSEC efforts dovetail with the company's "Project Apollo" initiative, which will dramatically strengthen and scale the .com infrastructure by the year 2020. To achieve this, Verisign is scaling, and in some cases revamping, the infrastructure that keeps .com running. Verisign's 2020 technology roadmap calls for it to increase capacity 1,000 times today's level of 4 trillion queries to manage 4 quadrillion queries per day. The increased capacity will support normal and peak attack volumes based on what the company has experienced as well as Internet attack trends.

About Verisign

Verisign

As the global leader in domain names, Verisign powers the invisible navigation that takes people to where they want to go on the Internet. For more than 15 years, Verisign has operated the infrastructure for a portfolio of top-level domains that today include .com, .net, .tv, .edu, .gov, .jobs, .name and .cc, as well as two of the world's 13 Internet root servers. Verisign's product suite also includes Distributed Denial of Service (DDoS) Protection Services, iDefense Security Intelligence Services and Managed DNS. (Learn More)

Related topics: DNS, DNSSEC, Domain Names, Registry Services, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Did the DPRK Hack Sony?

The Empire Strikes Back: "New" Verisign Hums a Familiar Tune

Thirty-Three Million and Counting

The Real Facts About New gTLDs

Can Big Companies Stop Being Hacked?

Related News

Topics

Industry Updates – Sponsored Posts

Season's Greetings - 2014 End of Year Message from DotConnectAfrica

Minds + Machines in 2014 and 2015

New .VOTE and .VOTO Domains Launched

Consumers Prefer the .ORGANIC Domain for True-Organic Goods

DNW Podcast Interview with Antony Van Couvering

TLD Registry and Right of the Dot Establish a Domain Name Industry "Dream Team"

TLD Registry Ltd Welcomes New Board Members

New .LGBT Top-Level Domain Launched

.sydney Domain Names Now Available in Pre-Release

"Chinese Domaining Masterclass" to be Presented at NamesCon Las Vegas in January 2015

Auction and Sales Channel Update

Radix Set to Launch .SITE TLD in 2015

Annual Manthan Award Event This Week

Domain Name .Africa Faces Hurdles - Q&A with Sophia Bekele

Join Paul Vixie & Robert Edmonds at the Upcoming Distinguished Speaker Series

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

LogicBoxes Announces Automation Solutions for ccTLD

List of New gTLD Availability & Key Information Provided for Download

Radix Launches .Space for Individuals, Freelancers and Professionals

TLD Registry Wins Best Marketing Award at China New gTLD Roadshow

Sponsored Topics

dotMobi

Mobile

Sponsored by
dotMobi
Verisign

Security

Sponsored by
Verisign
Afilias

DNSSEC

Sponsored by
Afilias
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines