VeriSign vows to tighten web security

VeriSign claims that its DNS Security Extensions will strengthened the internet's infrastructure

Networking infrastructure firm VeriSign has promised to deliver a significant boost to internet security in the next couple of years.

The firm said that it had worked with the internet community, including the Internet Corporation for Assigned Names and Numbers, in the development of DNS Security Extensions (DNSSec) which will be deployed across .com and .net top level domain names.

VeriSign claimed that its system will strengthen the internet's infrastructure, helping to protect against DNS poisoning and man-in-the-middle attacks.

"VeriSign has been at the forefront of the DNS Security Extensions effort since its beginnings in the early 1990s, and now the time is right for .com and .net," said Ken Silva, chief technology officer at VeriSign.

"Successfully implementing DNS Security Extensions will involve the entire internet ecosystem, from registrars and ISPs to browser vendors. Because the reliable operation of .com and .net is crucial around the world, we must take a cautious and orderly approach to this rollout."

The firm explained that its new system will give DNS data a digital and encrypted signature, making it possible to authenticate and verify its integrity. However, VeriSign warned that there is more work to do, and called on stakeholders to participate.

"DNS Security Extensions is an important component of cyber security, but not a silver bullet. It does not solve many of the most common threats to internet security," said Silva.

VeriSign has already rolled out the system to the .edu domain as a sort of early test, and will work with ISPs and other groups including registrars to inform them about the system, and assist in implementations.

The company anticipates completing DNSSec implementation on .net and .com by the first quarter of 2011.