VeriSign: Major internet security update by 2011
VeriSign has said a significant outstanding internet security vulnerability will be closed by 2011, after delays caused by technical aspects of the implementation.
The problem is that DNS, the Domain Name System that translates internet addresses such as website URLs into numerical values, can be seeded with false values and used to misdirect users. VeriSign told ZDNet on Friday that it will put in place DNSSEC, a protocol which will guarantee the origin and integrity of DNS data, for the .com and .net domains by the first quarter of 2011.
"Both .net and .com are very large domains," said Pat Kane, VeriSign vice president of naming services.
Kane added that ".net alone has more than 12 million domain names. Our first priority is to safely and securely implement DNSSEC, as it impacts the Domain Name System, one of the core building blocks of the internet".
VeriSign is currently working with Educause, an association that promotes higher education IT use, and the Department of Commerce (DoC), to deploy DNSSEC within the .edu top level domain (TLD). VeriSign said on Friday that it was progressively increasing the size of TLDs with DNSSEC deployed, to learn from that deployment.
More in http://news.zdnet.co.uk/security/0,1000000189,39877966,00.htm
See also the public release by Verisign on the above...entitled, VeriSign Announces DNSSEC Deployment Support Plans to Enhance Internet Security