http://gcn.com/articles/2009/07/27/update1-esnet-dns-security.aspx By William Jackson GCN.com July 23, 2009 The Energy Department has started implementing Domain Name System Security Extensions on its high-performance Energy Sciences Network (ESnet), using a commercial appliance to digitally sign DNS records and manage cryptographic keys. The first zones on the network were signed July 8 and it will be at least another month before necessary software updates and testing are completed, and signed records can be published, said R. Kevin Oberman, a network engineer at DOE.s Lawrence Berkeley National Laboratory. "We're just getting it cranked up now," Oberman said. "Thus far, everything is working perfectly." DNSSEC is a set of protocols for digitally signing records used by the DNS to translate numerical IP addresses into commonly used domain names. Because DNS transactions underlie most activity on the Internet, assuring the authenticity of this information is crucial to security. The .gov top-level domain was digitally signed in February, and the Office of Management and Budget is requiring agencies to sign second-tier domains within .gov by the end of the year. ESnet is a network with a 100 gigbits/sec backbone that is used primarily for scientific research. Although the DOE runs the network, its domains are in the .net and .org top-level domains rather than .gov, so the department was not required to sign its records by the OMB mandate. Oberman said the decision to implement DNSSEC was to gain practical experience. OMB also is expected to expand its mandate to include government networks that are outside of .gov. [...] _______________________________________________ Attend Black Hat USA, July 25-30 in Las Vegas, the world's premier technical event for ICT security experts. Network with 4,000+ delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.comReceived on Fri Jul 24 2009 - 00:19:10 PDT
This archive was generated by hypermail 2.2.0 : Fri Jul 24 2009 - 00:29:04 PDT