SIDN, the .nl registry, has announced that they have the intention to introduce DNSSEC for the .nl zone one month after the rootservers for the Internet are ’signed’. ICANN, the organisation which is responsible for the management of those rootservers, recently said that this would most probably happen in July 2010. This means that SIDN would introduce DNSSEC for the .nl zone in August 2010.
The switch from DNS to DNSSEC is meant to increase safety. In fact DNS is the phone book of the Internet. When you enter a domain name, you surf to a specific site since this domain name is translated to a certain ip-address. DNS realizes this transformation, it’s DNS that translates the name to the ip-address.
The current system is far from perfect. That’s not very suprising since the current DNS system is already 30 years old. 30 years ago, the group of Internet users and - providers was smaller and more based on trust. However, those days are over.
DNSSEC will increase security as it will add digital signatures to DNS requests. With this system, we could get rid of security problems such as the infamous “KAMINSKY leak”. Through his research KAMINSKY showed that through a bug in the security of DNS it is perfectly possible to hijack domain names and Internet applications. This bug would be a goldmine for malicious people, who can divert people to rogue sites, where for example credit card data could be copied. DNSSEC is the solution to this problem in the longer term.
According to Roelof Meijer, CEO of SIDN, August 2010 is the perfect time to switch to DNSSEC. ‘For us, stability was always a very important issue. We manage 3.6 million domain names, we simply can not afford that something would go wrong. Therefore we have always been reluctant towards a quick implementation of DNSSEC during the last few years,’ says Meijer. ‘By waiting until the rootservers of the Internet are ’signed’ by DNSSEC, we won’t need to use interim solutions which only benefits the stability,’ explains Roelof.
Posted under Uncategorized
This post was written by lieve on December 8, 2009