The security extension will be taken into production in the fi-domain name service in autumn 2010, but the testing of the system begins in summer 2010. At this point no measures are required from Internet users or domain name holders, but network operators are responsible for the introduction of the security extension. The service will be opened for the users of Finnish domain names in March 2011.
DNSSEC (Domain Name System Security Extensions) is an extension to the domain name system, with the purpose of improving the information security of the name service. The name service can be compared to a telephone directory that covers the entire world, and every domain name (e.g. www.dnssec.fi) in this directory has been given a unique IP address (e.g. 18.104.22.168) of its own.
When DNSSEC is in use, all responses to name service queries are digitally signed. This technology allows you to ensure that responses to name service queries come from the correct sender and that the information has not been modified en route. In other words, DNSSEC guarantees the integrity and origin of information.
A key pair, consisting of a public key and a private key, is needed in order to create a digital signature. The private key is kept secret and the holder alone has access to it. The public key is published in its own record in the name service. The digital signature can be verified by using the public key corresponding with the private key.
This news release was sourced from:
To register your .FI domain name check out Europe Registry here.