Afilias has announced it will deploy Domain Name System Security Extensions (DNSSEC) across its registry platforms, signing 13 more top level domains (TLDs) it operates including .INFO and increasing DNSSEC deployment among domain registries by 50 percent.
âAfilias has been a leader in DNSSEC deployment, including working closely with .ORG to plan, design and implement the .ORG DNSSEC strategy as early as 2007,â said Ram Mohan, Executive Vice President and Chief Technology Officer for Afilias.
âWe are pleased to introduce DNSSEC across our registry and DNS platform, protecting TLDs in our care from DNS cache poisoning and man-in-the-middle attacks, while maintaining consistency and convenience for registrars and their customers.”
In addition to .INFO, Afilias will deploy DNSSEC to .IN (India) and .ASIA by the end of 2010. In 2011, Afilias intends to deploy DNSSEC to the other TLDs it operates: .AERO, .AG (Antigua and Barbuda), .BZ (Belize), .GI (Gibraltar), .HN (Honduras), .LC (St Lucia), .ME (Montenegro), .MN (Mongolia), .SC (Seychelles) and .VC (St Vincent and the Grenadines).
DNSSEC development began in the early1990s, but only recently became ready for broad deployment as an additional security measure to protect the DNS from cache poisoning exploits. Recently referred to as the Kaminsky bug, this exploit can allow malicious entities to intercept Internet usersâ requests to access a website, and redirects or eavesdrops on these users without their knowledge, and with no ability to reassert control. DNSSEC introduces digital signatures to the DNS infrastructure and automatically ensures that usersâ are not hijacked and taken to an unintended destination.
To deploy DNSSEC for these additional TLDs, Afilias is introducing a new global strategy, launched under its âProject Safeguardâ initiative. Project Safeguard includes a registry and DNS infrastructure upgrade across Afiliasâ global technology platforms to support DNSSEC. It also includes a year-long registrar training initiative to address technical issues concerning implementation of DNSSEC in registrar-registry transactions.
As part of Project Safeguard, Afilias conducted research across domain name registrars to understand the issues they face with DNSSEC deployment. Afiliasâ Registrar DNSSEC Readiness Report found that:
- Registrars think DNSSEC is a good idea, but are not yet fully prepared to offer consumer services. 80 percent of registrars believe that top-level domain (TLD) registries should offer DNSSEC. However 90 percent of registrars currently feel completely unprepared or only somewhat prepared to actually offer DNSSEC services to their customers as this time
- 69 percent of Registrars plan to offer DNSSEC services in 2011 or beyond. 32 percent have no plan to introduce DNSSEC within the next 12 months
- Consumer demand is the biggest challenge for registrars. 56 percent cite a lack of consumer demand as their biggest challenge impeding their DNSSEC implementation
- Registrars also cite issues with deploying DNSSEC technology:Â For example, nearly 20 percent cite the management of DNSSEC keys as their number one concern, followed by more than 18 percent that cite overall DNSSEC technology and expertise.
âOur goal is to help registrars navigate the challenges of enabling the next generation of Internet security with DNSSEC, by providing a simple and singular enablement process to easily deploy DNSSEC across Afilias-supported domain registries,â said Mohan. âThe Project Safeguard initiative should ease the technical burden of DNSSEC deployment and could spur user adoption.”
To register your .INFO or any other domain name, check out Europe Registry here.