<<<
Chronological Index
>>> <<<
Thread Index
>>>
[ga] This will please Joe
- To: George Kirikos <gkirikos@xxxxxxxxx>, ga@xxxxxxxxxxxxxx
- Subject: [ga] This will please Joe
- From: JFC Morfin <jefsey@xxxxxxxxxxxxxxxx>
- Date: Fri, 29 Aug 2008 04:20:34 +0200
<http://www.heise-online.co.uk/security/The-US-to-implement-DNSSEC-in-all-federal-offices--/news/111417>
The US government has called on all federal offices to take measures
to prepare their domains for DNSSEC. Starting in January 2009, the US
government will use DNSSEC for all .gov top level domains Second
level domains for federal offices will follow. The move is the US
government's reaction to the increasing threat of cache poisoning
attacks on name servers, which make it possible to redirect even .gov
addresses to servers controlled by criminals.
With the DNSSEC extension, all responses to a name server are signed,
allowing the recipient to verify via public key infrastructure (PKI)
whether they are authentic responses derived from the responsible
name server. International implementation of DNSSEC has so far been
hampered by disagreements over who would control the PKI.
While the implementation schedule for DNSSEC appears to be rather
generous, federal offices tend to move rather slowly. Government
offices are scheduled to have their initial plans for the
implementation ready by early September. By December 2009 DNSSEC is
supposed to be established for all second level domains under .gov.
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|