"DNSSEC processes that previously took additional equipment such as external 'signing' appliances are now Nominum software features running on commodity server hardware", the company said. Operations that were previously complex multistep manual processes have been condensed to a few keystrokes by Nominum.
The DNSSEC encrypted domain technology is now supported within Nominum's authoritative DNS servers. Online or off-line deployment models are both supported. Its line of Vantio caching DNS servers already support the technology and have validation turned on by default.
Earlier in the week, VeriSign, which is responsible for operating the .com and .net top level domains, announced that it would complete DNSSEC implementation on them both by the first quarter of 2011. It is working with ICANN and domain name registrars across the world, along with ISPs, to assist them with DNSSEC encrypted domain technology deployment, and launched a technical boot camp program to provide tools and training.
The DNSSEC encrypted domain technology uses digital keys to encrypt a domain name, making it much more difficult for an attacker to spoof a domain name by tampering with DNS. It would also help to protect organizations against the crucial DNS design flaw discovered by Ioactive researcher Dan Kaminsky last year.