Nominet, the not-for-profit organisation responsible for running the .uk Internet infrastructure, announced today that it has completed the rollout of DNSSEC for all the second level .uk domains in its registry.
This is a key milestone in making the web a more trusted environment for UK consumers and businesses. It builds on Nominet’s work driving forward the global DNSSEC initiative, which creates an additional layer of security in the worldwide Internet infrastructure.
DNSSEC enables domains to be ‘signed’, securing DNS data and helping to prevent spoofing, man-in-the-middle attacks and cache poisoning. One example – the man in the middle attack – takes place when cyber criminals exploit a series of vulnerabilities to redirect all web traffic to a major web destination to their own website, designed to mimic the original - with the ultimate goal of harvesting consumers’ identities or financial information for their own purposes.
The completion of DNSSEC deployment now sees the chain of trust established from the root of the internet through to all of our second level domains: .co.uk, .org.uk, .me.uk, .ltd.uk, .plc.uk, .net.uk and .sch.uk, allowing DNSSEC validation to take place right down to individual domains.
Nominet’s systems are now live to enable its registrars to offer this service to their customers, allowing them to sign and secure individual domains.
"DNSSEC is an important part of the armoury of the Internet industry in protecting against attacks on the Domain Name System. This is a significant step forward for the security of the .uk domain and opens the door for the UK’s major websites to DNSSEC-enable their domains and make the Internet a safer place," explains Simon McCalla, IT Director at Nominet.
"Registrars, Internet service providers and online businesses can now take action to get their .uk domains signed and secured. This will protect consumers from cyber-attacks and businesses from damaged reputations and lost revenues," concludes McCalla.
Later this year, Nominet will be launching a DNSSEC signing service, which will allow registrars to simply hand-over the process of DNSSEC signing their zones to Nominet.
For more details check out Nominet.org.uk