With more than 47 million domain names under management, GoDaddy is a great DNS infrastructure has been updated to support the security standard known as Internet pop DNSSEC DNS Security Extensions.
one year GoDaddy engineering effort to prepare DNSSEC is significant, as the most popular Internet domain -. com – support DNSSEC end of March, according to operator com Verisign.
BACKGROUND: Half of federal web sites does not prove DNS security
DNSSEC is an emerging Internet standard that allows Web sites to verify their domain names and corresponding IP addresses using digital signatures and public key encryption. DNSSEC prevents Kaminsky style attacks, where the traffic is redirected to a legitimate Web site of a false without the web site operator or end user to know.
Internet Root Servers in the top of the DNS hierarchy added support DNSSEC last July. Over 25 domains – including governments, .. org, education and network -.. DNSSEC has allowed since.
The next major milestone for DNSSEC is for the safety standard to be enabled in the domain. Com, which has more than 80 million names registered a total of 205 million names registered in all top level domains (TLD), according to statistics from February 2011.
World’s leading domain name registration, GoDaddy support DNSSEC six top-level domains:. Org, net, us, biz, eu and …… GoDaddy will support DNSSEC. Com next week, when Verisign offers this additional security.
“Because GoDaddy handles a third of all DNS requests in the world, we must be careful with everything we do,” says Rich Merdinger, senior director of services for domain registration with GoDaddy. “We put in a lot of due diligence and a long run time” for DNSSEC.
GoDaddy offers DNSSEC as part of its new offering DNS Premium, which also includes hosting DNS and Secondary DNS. DNS Premium costs $ 2.99 per month for five domain names.
GoDaddy engineers wrote their own software to support DNSSEC grown based on the company Web Manager Domain Manager systems and platforms.
“We offer a one-click solution where we manage the key management and key renewal behind the scenes for the user,” says Merdinger.
GoDaddy ran a seven-month trial of DNSSEC. Org names June 2010 until February 2011 when the company announced its premium commercial DNS service.
“We started small for the power user to hold its own DNS,” says Merdinger. “It was a very small group, and was, literally, the early adopters who have the means to generate their own keys to their domains. We had less than 300 people involved in the early adopter phase. They were IT professionals who were trying learn about DNSSEC in the practical world, real. ”
Today, GoDaddy has around 400 customers of its premium service DNS are actually signing their domains using DNSSEC. “It was a very gradual adoption has not arrived in frantic as” Merdinger says.
However, GoDaddy is anticipating that this will increase when the area com. Signature.
“Definitely there is some pent up demand for DNSSEC in. Com,” says Merdinger. “We have almost as many people pre-configured for DNSSEC. Com actively as we have set. Net at this time.”
GoDaddy technical obstacles facing the deployment of DNSSEC is that top-level domains have deployed DNSSEC otherwise, with the signing of several algorithms and key lengths.
“You really have to deploy DNSSEC on a per TLD, making sure they understand the nuances of each application,” says Merdinger. “While DNSSEC is a norm, is not enough wiggle room in the standard you must ensure that adapt to each TLD.”