Got this from Educause...
Robert Mathews (OSIA)
mathews at hawaii.edu
Thu Sep 3 16:51:41 UTC 2009
Apologies in advance, to those who, as administrators of EDU domains,
may have already received this from EDUCASE...
Finally, DNSSEC is going to make its way to ".edu" Are we ready? Has
resistance been obliterated?
Test-bed implementation.. Sept, '09....
--
-------- Original Message --------
Subject: Security of .edu Internet Domain to Increase
September 3, 2009, Washington, D.C.—EDUCAUSE and VeriSign announced
today the initiation of a
project to enhance Internet reliability and stability. By the end of
March 2010, the project will deploy a
security system known as Domain Name Security Extensions (DNSSEC) within
the .edu portion of the
Internet, which EDUCAUSE manages under a cooperative agreement with the
U.S. Department of
Commerce. When the project is completed, institutions whose domain names
end in .edu will be able to
incorporate a digital signature into those names to limit a variety of
security vulnerabilities.
The Domain Name System (DNS) is the part of the Internet that translates
names such as "educause.edu"
into numeric addresses (for example, 198.59.61.90). All Internet
applications—from electronic mail to online
banking—depend on the accuracy and integrity of this translation. Over
the years, Internet security experts
have discovered a variety of ways that DNS translation may be
compromised. The DNSSEC security system
limits the problem by allowing owners of domain names to provide a
digital signature that adds an extra level
of authentication to the translation process.
The project plan includes a test-bed implementation, targeted for
September 2009, to allow predeployment
testing by a number of selected campuses in a nonproduction environment.
Final deployment of DNSSEC
for .edu will build on the previously announced U.S. Department of
Commerce project to deploy DNSSEC
at the authoritative root zone of the Internet.
[ .... ]
More information about the NANOG
mailing list