Register of National Internet Domain
Names of Serbia (RNIDS) organised the DNSSEC implementation
workshop on 16 and 17 May at hotel ‘Moskva’ in Belgrade with Patrik
Wallström and Rickard Bellgrim from the Swedish national registry as
lecturers.
The workshop gathered about thirty participants who dealt with installing and
maintaining DNS servers. DNS is considered to be one of the pillars the Internet is build on and thus
the security and accuracy of data provided by DNS is critical for the survival
of the Internet as an ordered space.
DNSSEC (Domain Name System Security Extensions) is a set of extensions for DNS servers
increasing the security of DNS service users by cryptographically
signing DNS responses using the public key so that their authenticity can be
checked. Signing entire zones on DNS servers enables the confidence first among
various DNS servers
that exchange information and then with the end user who gets the accurate and
unchanged information about the location of a particular server.
Malicious activities of modifying the content of a DNS cache, which are well
known, imply entering false, altered IP addresses of particular servers into
the cache. If the user searches for www.some-bank.rs, instead of the correct IP address he will get the one that
the attacker has entered into the DNS cache and thus directed the user to a
wrong website where he could be required to provide his confidential
information. DNSSEC prevents precisely such problems.
RNIDS plans to introduce DNSSEC for the local .RS and .СРБ Internet domain
space and in doing so join the European registries which have already enabled
it to their users.
