Warisin (VeriSign), the world's trusted Internet infrastructure provider, has unveiled its strategy to work with the Internet to deploy a DNS Security extension Protocol (DNSSEC) for the. com and. NET global top-level domains (top level Domains, TLDs). Through the collaboration of the Internet pan industry, Warisin, ICANN and the business community can help prevent Internet domain name Systems (DNS) from being "man-in-the-middle" and cache poisoning attacks.
When data is transmitted over the Internet, DNSSEC provides the possibility of strengthening the Internet infrastructure by verifying the authenticity of the domain Name System (DNS) data source and verifying its integrity. DNSSEC uses public key cryptography to digitally sign DNS data to protect the Internet from spoofed DNS data. Digital signatures Ensure that the data is from the specified source and that it has not been modified during the transfer process. DNSSEC can also prove that a domain name does not exist to protect Domain Name System (DNS) queries and responses from forgery hazards. This kind of forgery may rewrite the point of directing the user to a phishing site, or a Web site graft, or a "man-in-the-middle" attack that intercepts communication between the two systems.
Warisin will strategically prioritize the prudent and methodical construction of DNSSEC and is currently working with Educause and the U.S. Department of Commerce to deploy DNSSEC for. edu top-level domain names. Warisin uses the lessons learned from educause cooperation, combining the best practices of early DNSSEC implementation in various industries, starting with small scale, then gradually increasing the scale, and accumulating experience from deployment, expected by the first quarter of 2011, DNSSEC will be fully implemented on. NET and. com.
"Since the early 1990s, Warisin has been at the forefront of the DNS Security Extension Protocol (DNSSEC), the best time to deploy DNSSEC to. com and. NET," said Ken Silva, chief technology officer at VeriSign. Successful implementation of DNSSEC will involve the entire Internet ecosystem, from domain registrars, Internet service providers, to browser providers. Because the reliable functioning of. com and. NET is of great global importance, we must adopt a cautious and orderly approach in the construction process. Warisin promises to help registrars and Internet service providers develop decisions that are appropriate to their own circumstances. ”
"It is a great honor to work with Warisin and the U.S. Department of Commerce to add this important security element to the Internet," said Greg Jackson, vice president of strategy and analysis at the Educause, an information technology organization that oversees higher education institutions. Higher education relies increasingly on credible and reliable digital communications to achieve teaching, research and outreach. The new DNS Security Extension Protocol (DNSSEC) for the. edu top-level domain is a major advance in our industry and the internet industry. ”
Currently, Warisin is working closely with domain registrars and Internet service providers to assist them in implementing DNSSEC deployment strategies. This month, Warisin has launched an education training course to provide registrars, Internet service providers and the general public with tools and training to assess and implement DNSSEC protection. In addition, Warisin has established an "interoperability laboratory" within its research institutions to enable suppliers to assess the interoperability of their DNSSEC equipment. When you deploy DNSSEC to the. com and. NET top-level domains, Warisin invites the manufacturer of the computer and network equipment to enter its facilities to check the functionality and operation of the equipment.
"The DNS Security Extension Protocol (DNSSEC) is an important part of network security, but it is not omnipotent and it does not address many of the common threats to internet security," he said. This is why other protections are applied, such as extended authentication (EV) SSL certificates and dual-factor authentication, which are essential for everyone to achieve Internet security. ”
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.