Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/10/2010
05:24 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

DNSSEC Enabled For .INFO

Afilias enables DNSSEC for the .INFO top-level domain

DUBLIN, IRELAND – 9 September 2010 – Afilias, a global provider of Internet infrastructure services, today announced that it has enabled Domain Name System Security Extensions (DNSSEC) for the .INFO top-level domain (TLD). .INFO was officially signed on September 1, 2010 and its Delegation Signer (DS) records were entered into the DNS Root by the Internet Assigned Numbers Authority (IANA) on September 4th, allowing the .INFO zone to be validated using DNSSEC. The signing of the .INFO domain enhances global security for the seventh largest TLD in the world, home to more than 6.5 million registrations.

“The deployment of DNSSEC for .INFO continues Afilias’ long-standing commitment to ensure security in the domain name system,” said Ram Mohan, Executive Vice President and Chief Technology Officer for Afilias. “Once fully deployed in .INFO, DNSSEC will provide a trusted foundation to authenticate DNS queries and responses and prevent DNS hijacking.”

DNSSEC protects the DNS from cache poisoning exploits which can allow malicious entities to intercept an Internet users’ request to access a website, and redirect or eavesdrop on the user without their knowledge, and with no ability to reassert control. DNSSEC introduces digital signatures to the DNS infrastructure and automatically ensures that users are not hijacked and taken to an unintended destination.

While Afilias completed the largest registry DNSSEC deployment on behalf of the Public Interest Registry when it enabled DNSSEC for .ORG in 2009-2010, the signing of the .INFO zone represents the first step in Afilias’ recently announced “Project Safeguard” initiative, which will rollout DNSSEC across its registry and DNS platforms. Project Safeguard also includes an education and training program for Registrars to enable DNSSEC in their registration systems for website owners who intend to add DNSSEC signatures to their individual domains.

Now that the TLD is signed, Afilias will activate a “friends and family” period that will allow the public to gain experience with a select group of .INFO second level domain names that have also been signed. Shinkuro Inc. and Comcast have agreed to participate in this testing period. The list of “friends and family” domains includes: afilias.info, info.info, shinkuro.info, comcast.info, and 19 other domains from Comcast.

Later this year Afilias will be enabling DNSSEC for many of the other TLDs that it supports, in total adding DNSSEC for 13 more TLDs before the end of 2010. For more information on Comcast's participation, please see their DNSSEC Information Center: http://www.dnssec.comcast.net/

About .INFO .INFO was the first generic, unrestricted TLD to be launched since .com and is the most successful new TLD launched in over 25 years. Registrations in .INFO first became available in 2001. Since then, .INFO has grown to become the seventh largest TLD and fourth largest generic TLD in the world, with over 6 million domain names registered. .INFO Domains are currently available in ten Internationalized Domain Name (IDN) scripts. For more information on .INFO please visit www.info.info .

About Afilias Afilias is a global provider of Internet infrastructure services that connect people to their data. Afilias’ reliable, secure, scalable, and globally available technology supports a wide range of applications including Internet domain registry services, Managed DNS, and services in the RFID and supply chain market with its Afilias Discovery Services. For more information on Afilias please visit www.afilias.info.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-37759
PUBLISHED: 2021-07-31
A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
CVE-2021-37760
PUBLISHED: 2021-07-31
A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
CVE-2020-26564
PUBLISHED: 2021-07-31
ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have <!ENTITY content, create a .xml file for a generic survey template (containing a link to this .css file), and import this .xml file at the survey/admin/folderSurvey.do?action=viewImportSurvey['importFil...
CVE-2020-26565
PUBLISHED: 2021-07-31
ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList.do from parameter. This can be used to retrieve possibly sensitive serverInfo data.
CVE-2020-26806
PUBLISHED: 2021-07-31
admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted File Upload of executable JSP files, resulting in remote code execution, because filePath can have directory traversal and fileContent can be valid JSP code.