Securing the DNS
Leading the next step towards a more secure Internet
IETF 75, 28 July 2009, Stockholm, Sweden
The Domain Name System (DNS) is one of the critical operational elements of the Internet, creating a “human environment” that allows names to be mapped to host addresses across the Internet. But the DNS was established with no inherent security mechanisms, making it vulnerable to certain malicious activities, such as DNS spoofing, where attackers make false assertions about DNS data in order to misdirect traffic to unwanted sites.
Efforts are underway on several fronts, developing better Internet security technologies and practices through open standards development and the collaborative work of developers, operators, and industry. One key effort is DNSSEC (short for DNS Security Extensions) – a set of open standards developed to authenticate DNS data using public key infrastructure to digitally sign DNS records, providing a high level of security to core transactions. It does not solve all online security issues, but it is an important step towards a more secure online experience.
Leaders from across the Internet community are actively engaged in work to drive the broad deployment of DNSSEC and other standards for continuous improvements in Internet security.
In this session – designed to make these issues accessible to a broader audience – the Internet Society’s Leslie Daigle will lead a distinguished panel of some of the world’s leading developers, administrators, and operators of Internet infrastructure. What are their experiences? What problems have they overcome? And what do they see as the next steps towards a more robustly secure Internet?
Read the background document on DNSSEC.
On the panel
The panel will feature:
How to take part