Feds Tighten DNS Security On .Gov

Slashdot quotes a lengthy article in NETWORKWORLD that claims the feds have launched the largest-ever rollout of a new authentication mechanism for the Internet's DNS. All federal agencies are deploying DNS Security Extensions (DNSSEC) on the .gov top-level domain. DNSSEC prevents hackers from diverting web traffic from legitimate sites and redirecting it to sham sites. The Internet standard prevents spoofing attacks by allowing websites to verify their domain names and corresponding IP addresses using digital signatures and public-key encryption.

Chief Internet Technology Officer for the Internet Society Leslie Daigle says that with DNSSEC deployed, federal Web sites “are less prone to be hacked into, and it means they can offer their services with greater assurances to the public."

The U.S. government DNSSEC mandate is "significant" according to Olaf Kolkman, DNSSEC expert and director NLnet Labs, a nonprofit R&D foundation in the Netherlands who says:

"First, the tool developers will jump in because there is the U.S. government as a market….Second, there is suddenly a significant infrastructure to validate against.’’

See complete article at NETWORKWORLD.