Service to ease implementation and promote adoption of DNSSEC.
VeriSign, Inc., a provider of internet infrastructure services, recently launched a new, in-the-cloud service to ease the implementation of Domain Name System Security Extensions (DNSSEC). The company avers that its DNSSEC Signing Service is being offered to Registrars to help them incorporate signing and provisioning into their infrastructure, while reducing costs, complexity and the administrative burden associated with implementing DNSSEC support for their customers.
According to it, DNSSEC provides an additional layer of security to the Internet by protecting against cache poisoning and man-in-the-middle attacks, in which forged data is used to redirect unsuspecting users to fraudulent websites and unintended addresses. DNSSEC is becoming essential to maintaining trust in the Internet; however, implementing DNSSEC can be a complex process. Registrars can use its DNSSEC Signing Service for the initial signing of second-level domain names (zones) as well as the periodic resigning and the ongoing management of keys associated with the DNSSEC protocol. Registrars will receive the benefits of a DNSSEC signing solution without investing in additional equipment and resources to sign and manage domains.
The company articulates that its DNSSEC Signing Service leverages its 15 years of experience in operating public key infrastructures and is run from within the company's secure facilities and network infrastructure. The service is ideal for Registrars that host their own DNS, but are not ready to invest in the engineering and infrastructure needed to sign domain names (zones) or manage keys for DNSSEC.
It states that its DNSSEC Signing Service performs the initial cryptographic signing, the regular re-signing of zone resource records and the ongoing management of key rollover schedules and the associated zone re-signing. The service is designed for Registrars who provide DNS hosting and management services for their Registrants without the additional complexity of signing and managing the keys associated with DNSSEC. The company is offering an evaluation period to its Registrar partners to review the service in order to facilitate integration of DNSSEC into their services for Registrants. The offer will run through the end of 2011.
"At VeriSign, we want to do everything we can to encourage the adoption of DNSSEC, which is an essential tool for securing the Internet," said Pat Kane, Assistant General Manager of Naming Services at VeriSign. "This new service, which takes advantage of VeriSign's strengths and core competencies, will help our Registrar partners provide their customers the security they need in a straightforward and cost-effective manner."
No comments:
Post a Comment