.ORG domain names will have additional security enabled as of 30 June this year, the Public Interest Registry (PIR), the registry for .ORG, has announced. The registry says it intends to enable full DNSSEC deployment in the .ORG registry by accepting second level signed .ORG zones beginning in June of 2010. This positions .ORG as the first generic top-level domain (TLD) to offer full DNSSEC deployment.
There are approximately 7.5 million registered .ORG domain names and the deployment caps off a two-year testing period of DNSSEC.
“We applaud PIR’s leadership in the deployment of DNSSEC in the gTLD space,” said Rod Beckstrom, president and chief executive officer of ICANN. “Opening up general registration of signed zones in .ORG is a major step forward.”
All registrars can now plan to offer an additional security service to their customers. The benefits of DNSSEC include the ability to thwart the increasing predominance of attacks like pharming, cache poisoning, and DNS redirection that have been used to commit fraud, distribute malware, and/or identity theft. DNSSEC, an upgrade to the internet infrastructure, protects Internet resolvers (clients) from forged DNS data, such as that created by DNS cache poisoning.
“This announcement, coupled with recent ones by Comcast, various ccTLDs and even ICANN, is an important signal not only for application providers, ISPs, and telcos, but also for registrars to begin planning their implementation and addressing the customers’ need for enhanced security,” said Alexa Raad, chief executive officer of PIR. “Ensuring Internet security and stability are among our highest priorities. Being the first to fully deploy DNSSEC positions .ORG registrants will be amongst the first to safeguard their users from escalating security threats, especially as Internet usage continues to grow exponentially.”
Launching signed delegations, with the technical support of Afilias, is the final step in PIR’s phased approach to fully deploying DNSSEC within the .ORG zone. A rigorous “friends and family” testing phase, started in June of 2008, has enabled PIR not only to thoroughly test and address operational and deployment issues related to zone management, key distribution and rollover, but also to assist registrars in the development and deployment of the service.
All interested registrars must pass a mandatory DNSSEC Certification Test. For more information regarding .ORG DNSSEC initiatives and information, please visit: pir.org/dnssec.
To register your .ORG domain name, check out America Registry here.