First generic Top Level Domain signs up to DNSSec

The .org domain can now accept extensions signed with DNSSec

The .org generic Top Level Domain has become the first to deploy the DNSSec protocol, a key upgrade to the internet designed to protect against man-in-the-middle and other DNS attacks.

Alexa Raad, chief executive of .org, announced at a press conference at the international Icann meeting in Brussels today that "as of three hours ago" the organisation had opened its doors to .org extensions signed with DNSSec.

"The public's interest is at the core of our mission at .org, especially as internet use continues to grow exponentially," she added.

"DNSSec serves as tamperproof packaging for DNS by preventing identity theft as a result of man-in-the-middle attacks, and enabling innovation in applications that rely on DNS."

Rod Beckstrom, president and chief executive of Icann, suggested that the internet community had taken a significant step towards a more secure DNS.

"It would be a mistake to think that DNSSec is going to solve all the problems involved in cyber security," he said.

"But it is no less a mistake to underestimate its importance in moving the internet towards a more secure environment where online users can receive assurance that they've ended up at the web site to which they want to go."

Leslie Daigle, chief internet technology officer at the Internet Society, home of the Internet Engineering Task Force standards body that developed DNSSec, explained that the protocol is just a building block to securing the internet ecosystem.

"It is important now to look at what technologies and services can be built with this building block," she said.

"Seeing what the banking industry can build out, for example. It won't come with a lot of fanfare, but will raise the level of security and trust in transactions."

Appropriately the Internet Society announced that it had become the first .org domain to deploy DNSSec, for its ISOC.org domain.