[menog] DNSSEC Surpasses 50%!

Fahd Batayneh fahd.batayneh at icann.org
Fri Jan 24 21:53:25 UTC 2014

(sorry for cross posting)





4-en.png> A graph with a blue background showing the number of signed TLDs
by month/year from 2010 to 2014

Through the hard work of many in the Internet community, the majority of
top-level domains in the root now deploys DNSSEC.


DNS Security Extensions provide the biggest security upgrade to Internet
infrastructure in more than 20 years. By deploying cryptographic records
alongside existing DNS records, DNSSEC-enabled systems can verify that the
information received from the DNS has not been modified in transit and is
what was intended by the Registrant who sent it.


The 50% milestone complements a long list of successful efforts by the
community and ICANN that have brought us to this point. Starting with the
development of the protocols to secure the DNS in the mid-90s, trendsetting
deployment by security-conscious TLDs (e.g., .se), government requirements,
public vulnerability discoveries (e.g., Kaminsky), deployment at the root by
an international team; to ISP and DNS operator (e.g., Google) support - the
trend is clear.


We have also witnessed and benefited from widespread deployment and support
of DNSSEC by some Registrars in some countries (e.g., .nl, .se). And with
DNSSEC support required of the over 1000 new gTLDs, we shall continue to
enjoy widespread implementation of DNSSEC at the infrastructure level.


But we still have a way to go. Without widespread deployment by Registrants
on their domain names, end users and content providers cannot benefit from
all of the security, and new and innovative opportunities that DNSSEC will
bring. However, with the help of Registrars, DNS operators, vendors, ISPs,
as well as the awareness and training efforts that ICANN and other
organizations provide, we hope that securing Registrant DNS content,
whatever it is, will become widespread and that Internet users may one day
enjoy the simple trusted experience that using the 'Net once was.


Rick Lamb


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.menog.org/pipermail/menog/attachments/20140124/aef3bcba/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 105855 bytes
Desc: not available
Url : http://lists.menog.org/pipermail/menog/attachments/20140124/aef3bcba/attachment-0001.png 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5543 bytes
Desc: not available
Url : http://lists.menog.org/pipermail/menog/attachments/20140124/aef3bcba/attachment-0001.bin 

More information about the Menog mailing list