The Internet Society welcomes the significant milestone recently reached in implementing DNSSEC at the highest level of the Domain Name System (DNS), and applauds the efforts by ICANN, Verisign, and the U.S. Department of Commerce that made it possible.
Leslie Daigle, chief Internet technical officer for the Internet Society, said, “We’re excited to see this capstone element of DNSSEC deployment put in place. It signals a new era for operational security of the Internet, and we look forward to new levels of user confidence in network activities using DNSSEC and the services built out from it.”
DNSSEC allows users to have more confidence in the online activities that are increasingly becoming a part of our lives at work, home, and school by acting like tamper-proof packaging for domain name data. For example, it ensures that a website name typed into a browser delivers the intended server IP address. DNSSEC also provides a platform for future innovations to further enhance user confidence in Internet-based services.
DNSSEC technology used today is the result of careful protocol engineering and standardisation within the Internet Engineering Task Force (IETF), the premier Internet standards body in the world; implementation by various DNS vendors; and operational trials by DNS operators.
Through the efforts of the Public Interest Registry, the entire .ORG top-level domain recently became the first top-level generic domain to implement DNSSEC. ). The Internet Society was among the first organisations in the .ORG top level domain to deploy DNSSEC for its ISOC.org and InternetSociety.org domains. DNSSEC is also currently implemented by several country-specific top-level domains: Brazil (.br), Bulgaria (.bg), Czech Republic (.cz), Puerto Rico (.pr), and Sweden (.se).
* DNSSEC Validator Firefox plugin