EURid announces completion of 'chain of trust' for DNSSEC

The move means that the internet's root zone – which drives address-to-IP-address lookups on the net – now has the addition of .eu DNSSEC key material.

According to EURid, the completion of the chain of trust for the .eu domain makes the top level domain one of the safest of its types.

"The completion of the DNSSEC chain of trust means that everyone visiting a website using a signed .eu domain name can be confident of its legitimacy since name server responses can now be validated all the way up to the internet root zone", said Marc Van Wesemael, the firm's general manager.

"As such, .eu is amongst the first top-level domains to have full DNSSEC-support, fulfilling our objective to be at the forefront of implementing internet security measures via proven standards", he added.

According to Van Wesemael, EURid is encouraging .eu domain name holders, through their registrars, to sign their .eu domain names with DNSSEC, so adding digital signatures to all levels in the chain.

Infosecurity notes that the plan is that, as an ever-increasing number of .eu websites become DNSSEC-compliant, European businesses and consumers will benefit from the collective online protection brought to the .eu top-level domain.

DNSSEC is a protocol that verifies and validates name server responses from the `bottom up' through a chain of trust on the internet.

The protocol is billed as making the Domain Name System (DNS) more secure against web traffic interception attacks, since digital signatures are attached to DNS data, a process known as signing, so that the origin and integrity of this data can be verified as it crosses the internet.

All name servers used to look up DNS data – such as a website IP address or an email delivery location – and check the validity of the signed data, so preserving trust throughout the hierarchy for website owners and users.


What’s hot on Infosecurity Magazine?