From: InfoSec News (alertsinfosecnews.org)
Date: Mon Apr 06 2009 - 00:29:03 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://gcn.com/articles/2009/04/06/nist-dnssec-in-play.aspx

By William Jackson
GCN.com
April 03, 2009

The digital signing of the .gov top-level domain in February completed
the first step of the implementation of DNS Security Extensions (DNSSEC)
in the government’s Internet space. The next step is for agencies to
sign their second-level domains by the end of the year.

It is not a simple process, which is one of the main reasons DNSSEC has
not been widely deployed across the Internet’s Domain Name System
despite its well-known vulnerabilities.

“There is a steep learning curve in deploying DNSSEC,” said Scott Rose,
a computer scientist at the National Institute of Standards and
Technology, the agency that is writing the rules for deployment. DNS
typically takes little management. However, once DNSSEC is deployed,
there is the constant chore of generating and managing cryptographic
keys and signing and re-signing data.

But NIST is doing more than writing about it. The agency has had DNSSEC
deployed in the NIST.gov domain for more than a year.

[...]

_______________________________________________
Best Selling Security Books and More!
http://www.shopinfosecnews.org/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]