Coalition to Secure DNS Takes Shape
Dec 08, 2008, 23:34 (0 Talkback[s])
(Other stories by Sean Michael Kerner)
""DNS (define) is critical to the functioning of the Internet,
linking IP addresses with domain names. Thanks to security
researcher Dan Kaminsky, awareness around the DNS and its
shortcomings have been greatly elevated this year. DNSSEC is a key
solution to ensuring that the DNS cache poisoning attack that
Kaminksy first warned about cannot occur.
""Collaboration of this kind is how DNSSEC was developed in the
first place, and it's how BIND's DNSSEC feature development was
sponsored," Paul Vixie, a leading authority on DNS and the founder
of Internet Systems Consortium (ISC) told InternetNews.com. "Now
it's the thing I suspect a lot of IT managers are waiting for so
that they can relax a little bit and see DNSSEC as
non-controversial, worthy of investment."
"DNSSEC provides a form of signed verification for DNS
information, which is intended to assure DNS authenticity. Vixie's
BIND DNS server has had DNSSEC capabilities since 2004, though
global deployment of DNSSEC has been in the single digits due to a
number of implementation related challenges."