auDA to trial DNSsec in .au

By

Updated: Four month test.

The .au Domain Administration will kick off a trial of Domain Name System Security (DNSsec) to cryptographically sign and secure the .au domain zone.

auDA to trial DNSsec in .au

DNSsec is a set of security extensions that provide for authentication of domain name system queries.

The chief executive of auDA, Chris Disspain, told iTnews the layer of security that is introduced can be built upon, and forms part of the chain of trust in the DNS.

"Once validation is ubiquitous business and users can take advantage of this trust by having the confidence that the website they are viewing is as intended by the domain name owner," Disspain said.

"Business and end user data is captured, viewed and stolen everyday. This is done through attacks such as cache poisoning, man-in-the-middle-attacks or via malicious resolvers," he said. 

"Confidence in online transactions has been reduced over the last decade as more and more sophisticated methods of attack have emerged."

auDA said while DNSsec adds a layer of security and trust through authenticated and verified queries and responses, it also carries risks to operators.

Errors in signed DNS zones can cause problems including making the zone appear offline or look bogus to validating resolvers, auDA said.

The trial comes after the auDA spent 18 cautious months testing on multiple systems in preparation for signing the .au zone.

Testing of the DNSsec deployment will continue in April, when the .au zone will be signed. auDA warned the .au zone would be considered experimental, and Delegation Signer records would not be added to the top-level root DNS zone right away.

For that reason, auDA said it was not suitable to generate and use an .au trust anchor in production enviroments while the testing takes place over the next four months.

After the trial, auDA is looking at submitting the DS records to the Internet Assigned Numbers Authority (IANA) to be included in the DNS root zone.

Disspain said that end-users don't have to do anything to take advantage of DNSsec, as it should become transparent with wider deployment.

auDA has set up a web page that details the .au DNSsec deployment, with an indicative timeline for its introduction this year.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
auaudadnsdnssecdomainsinfosecsecurity

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?