The 38th ICANN meeting currently underway has seen both the Public Interest Registry and EURid both announce separately they will be deploying Domain Name System Security Extensions (DNSSEC) for the .ORG and .EU top level domains respectively. The move will see increased security for visitors to websites for the two TLDs.
In a press conference held today, the Public Interest Registry said they are the first large TLD (with over eight million registrations) to implement DNSSEC. The first domain name to be signed with DNSSEC was isoc.org.
Meanwhile on Monday EURid announced it has deployed DNSSEC.
As EURid explained, DNSSEC is a protocol that verifies and validates name server responses from the bottom up through a chain of trust, thereby making the domain name system more secure. It can prevent hackers from intercepting web traffic and redirecting it to fake websites that can trick people into supplying personal information, such as a counterfeit Internet banking site that looks like the real thing.
“At this time, few top-level domain registries support DNSSEC, but we encourage all in the community to help Internet users by embracing this protocol,” comments Marc Van Wesemael, EURid’s General Manager. He also noted that the DNSSEC protocol is an important achievement for EURid, which is constantly striving to improve the security of the domain names it administers.
DNSSEC though does not come cheap, but there are many benefits to consumers. DNSSEC will enable consumers to be certain they are visiting a legitimate site, something that is especially important for banks and even charities who have found there are people who will register domain names and establish websites to take donations, especially in the case of disasters as they happen around the world.
As Alexa Raad, CEO of .ORG, said at the ICANN meeting, being an early pioneer means it was more expensive to deploy DNSSEC, something she described as” not inexpensive”.
Raad said DNSSEC deployments for .ORG will see registrars able to ensure safer access to websites with three registrars making DNSSEC available to their customers and another twelve in the pipeline.
“Motivation for doing this is to lead the industry and it need not be a utopian vision,” said Raad but she also noted that it is not something that is likely to make a profit for .ORG.
At the .ORG news conference was Steve Crocker, Co-Chair of ICANN’s DNNSEC Deployment Initiative. He said that it took 18 or 19 years to develop DNSSEC, “a lot longer than expected”. But it was something that had huge support and cooperation among industry players, something Dan Kaminsky described as being amazing.
Looking to the future with new generic Top Level Domains (gTLDs) likely to be announced in the next one to years, the question of cost arose. But costs should fall significantly as the new technology is deployed and it is likely DNSSEC -of-the-box programmes will be developed to help existing and new registry operators implement DNSSEC. This will see costs reduce rapidly as the “technology is not inherently expensive” noted Crocker. The major costs have been in the development of the technology.
To register your .EU or .ORG domain name, check out Europe Registry here.