SIDN, the company behind .nl, announced today that the Dutch country-code domain now has more than 1 million DNSSEC domain names. This milestone is reached exactely one month after the .nl domain became the internet domain with more DNSSEC-secured domain names than any other domain on the internet.
Roadmap
As the internet’s roadmap, the DNS has always been vulnerable to criminal threats such as cache poisoning and ‘man-in-the-middle’ attacks by unidentified parties. The perpetrators of such attacks can divert internet users to fake websites or intercept e-mail, even though the correct domain name
is used. These vulnerabilities were underestimated until 2008, when Dan Kaminsky demonstrated that the DNS was easy to manipulate. Kaminsky’s revelations gave urgency to the worldwide rollout of DNSSEC, which had been in progress for some time. DNSSEC tackles the problems identified by Kaminsky. It provides a method for ascertaining whether an incoming DNS response is authentic and originates from the right source. The practical outcome of that is that the DNS is more reliable. In July 2010, ICANN signed the root zone and a month later SIDN followed suit by signing the .nl zone with DNSSEC. Once that had been done, early adopters had the opportunity to have trust anchors added to the .nl zone file during a Friends & Fans phase. On 15 May 2012, SIDN implemented DNSSEC in its Domain Registration System, making it possible for .nl registrars to automate the processes of signing domain names. Detailed information about DNSSEC is available fromwww.dnssec.nl (in Dutch only).
Go to Original Article
