Corporation ICANN, manages the distribution of address space on the Internet, unanimously approved the request to switch the domain of public ORG from the old protocol to the security protocol DNSSEC. DNSSEC closes the fundamental vulnerabilities in the original DNS, which is vulnerable on several fronts, including cache poisoning, according to RU-CENTER. DNSSEC security is achieved through the use of digital signatures. By using such signatures, the computer asks for some IP-address of his full name, you can check the authenticity of the data. Vulnerability in the DNS protocol itself is not something new - they were discovered in the nineties of the last century, but the development of a replacement for DNS, which would solve the related issues of security, took more than eleven years. Early versions of the new DNSSEC protocol had various problems that delayed its implementation. ORG is not the first top-level domain, which implements DNSSEC: several countries have already adapted it for their national domains. To improve the reliability and security of the domain name system, ICANN proposes gradually transferred to a secure protocol all gTLD and ccTLD. This issue has been given much attention at the last last month the ICANN meeting in Paris.
No comments:
Post a Comment