DNSSEC-signed, ROOT-server test bed.
Bath, United Kingdom 1, January, 2010 . The Internet has become an "always-on" resource critical to people, organisations, countries and economies.
Ensuring DNSSEC's successful implementation is to understand and prepare for how implementations will impact root servers as well as the impact to the Internet's end users.
The DNS Infrastructure Resiliency Task Force (DIR), a non-profit organisation dedicated to promoting best practices for the resilience of DNS, has developed a fully signed, root-server test bed where TLDs can experience DNSSEC using a test DNSSEC environment that parallels today's production environment.
Current vulnerabilities with DNSSEC's design can yield the end-user with a disruptive service by receiving a blank page instead of being delivered to their intended destination on the .Net.
March, 2009, a document titled, "Initiative for DNSSEC Resiliency" was discussed with the DNS community regarding an, "initiative that facilitates a responsible and well developed end-to-end test bed of DNSSEC using parallel infrastructure and applications in an environment that will not impact today's "always-on" Internet experience". The test bed will allow TLD operators the ability to exercise a full end-to-end test to:
- Understand the stresses of a fully rolled-out production environment as well as be used to quickly identify and resolve newly identified vulnerabilities to be exploited by the malicious community.
- Allows DNS server operators to get a feel for the scaling requirements required for their implementation of DNSSEC.
DNSSEC is a good step forward in providing security for users of the Internet. The best way for .Net users to embrace DNSSEC is for TLDs and DNS operators to fully understand implications with rolling out DNSSEC today. Prepare for your DNSSEC rollout by testing today! Remember, people, organisations, countries and economies count on it!