DNSSEC Coming to .AT, But Resistance Among Some German Internet Companies
Posted in: Domain Names at 21/02/2011 16:39
The Austrian registry, nic.at, announced at the annual Domain Pulse meeting on Friday that they will introduce DNSSEC late in 2011 following its introduction 12 months ago by the Swiss registry at the 2010 Domain Pulse and its planned introduction on 31 May 2011 by the German registry. But in a survey among members of the German internet industry association eco, there was resistance among a small but significant group of companies to take it up.
Speaking on happenings among the registries, Richard Wein, General Manager of nic.at said they were currently in the planning stages for enabling DNSSEC for .AT and will make it available at the end of the year. In preparation, nic.at will be holding a training day on 19 May.
Eco, the association of the German internet industry has over 500 members, and has conducted a survey, soon to be released, that looked at whether German business was likely to support DNSSEC. The initial findings of the survey found that there is a core group that has no plans, while the largest group of respondents to the survey seem in no hurry to introduce DNSSEC saying they will do so in the next 12 months.
Presenting a summary of the findings at the Domain Pulse conference, Thomas Rickert noted that among different types of members, around 20 to 30 per cent of members had introduced DNSSEC, from ten to 33 per cent had no plans to introduce DNSSEC while 43 to 62 per cent of members planned to introduce it in the next 12 months.
Announcing its planned introduction of DNSSEC in May, DENIC described it as:
The Domain Name System (DNS) converts the domain entered by the user into an IP address that can be processed by the computer. So the DNS can be called the telephone directory of the Internet. At present, the transfer of the DNS information - i.e. the resolution of the domain into the corresponding IP address - is not encrypted. This situation provides possibilities for altering the resolving name servers en route or by cache poisoning and to redirecting the user to manipulated sites. DNSSEC applies a digital signature to the name server records and thus ensures that the information will reach the user without any alterations. In addition to that, the sender of the information can be reliably authenticated. The procedure cannot prevent, however, that false information is signed or that the user is misled on a higher level.
The eco survey of members on a range of internet issues will be released in coming weeks and be available on their website at eco.de.