Page All:
Page 1
DNSSEC: One in Ten Swedish Domains Secure against Phishing
STOCKHOLM, January 2, 2012/PRNewswire/ --
Swedish hosting provider Binero has DNSSEC-signed all customer .se-domains, increasing
the total amount of signed .se-domains from 5000 to more than 100 000. Nearly one in ten
Swedish domains are now validated against attacks with manipulated dns-information, like
phishing. The .se-registry, .SE has long called for DNSSEC to be introduced. Binero offers
the DNSSEC-validation free of charge and becomes the second largest provider in the world
for DNSSEC-signed domains. When more actors follow this example, the entire .se-domain
zone may become the first to be fully signed.
"DNSSEC-validation will not gain general acceptance as long as it is offered by few,
often at an additional cost. At Binero we want to do better than that, so we offer all our
customers DNSSEC-validation free of charge for domains registered through us. We hope our
industry colleagues will follow our example", said Binero founder and CEO, Anders Aleborg.
It has long been possible to manipulate the information between the recursive resolver
name server and the web browser (DNS-cache poisoning). It is a known way to divert
internet traffic in order to steal the mail- or credit card information of visitors
(phishing).
A solution to this is to DNSSEC-validate the domain zone. When a domain name is
requested by a browser, the signature is checked against a key with the party responsible
for the domain zone in question. Most Swedish internet service operators (ISP:s) have
DNSSEC-validated resolvers today, but few other than them. As of November 2011, there were
still only 5089 validated .se-domains, in spite of the top domain administrator, .SE
having called for DNSSEC-adoption since 1999. .SE warned of manipulated dns-information
among .se-domains as late as December 2011.
"In 2011 alone, five SSL-certificate providers or their resellers have had problems
with unreliable certificates, and the problem is increasing as more money is invested
online", said Anne-Marie EklundLowinder, Chief Security Officer with .SE, referring to
among others the Diginotar case where several global mail services where among the ones
with false certificates.
This month, Sweden's third largest reseller of .se-domains, Binero hosting has
DNSSEC-signed the .se-domains of all customers, nearly 100 000 without charging anything
extra.
"This DNSSEC-validation along with the one by ISP:s increases security both directly
and also indirectly, by increasing the ability to reliably spreading security attributes
like ssh-keys, SSL-certificates and similar. We applaud the registrars who have gone ahead
and DNSSEC-validated and we expect DNSSEC to become a compulsory requirement for
registrars as well as for customers during 2012", said Danny Aerts, CEO of the .SE
Registry.
You can check if a .se-domain is DNSSEC-secured on http://dnscheck.iis.se
For more information, please contact:
Anders Aleborg, CEO, Binero, +46(0)76-804-42-00, anders.aleborg@binero.se
Erik Arnberg, Marketing Manager, Binero, +46(0)70-398-75-34, erik.arnberg@binero.se
Maria Ekelund, Head of Communications, .SE, +46(0)70-777-44-87,
maria.ekelund@iis.se
A-MEklundLowinder, Head of Quality and Security, .SE, +46(0)8-452-35-17,
anne-marie.eklund-lowinder@iis.se
Source: Binero
DNSSEC: One in Ten Swedish Domains Secure against Phishing
STOCKHOLM, January 2, 2012/PRNewswire/ --
Swedish hosting provider Binero has DNSSEC-signed all customer .se-domains, increasing
the total amount of signed .se-domains from 5000 to more than 100 000. Nearly one in ten
Swedish domains are now validated against attacks with manipulated dns-information, like
phishing. The .se-registry, .SE has long called for DNSSEC to be introduced. Binero offers
the DNSSEC-validation free of charge and becomes the second largest provider in the world
for DNSSEC-signed domains. When more actors follow this example, the entire .se-domain
zone may become the first to be fully signed.
"DNSSEC-validation will not gain general acceptance as long as it is offered by few,
often at an additional cost. At Binero we want to do better than that, so we offer all our
customers DNSSEC-validation free of charge for domains registered through us. We hope our
industry colleagues will follow our example", said Binero founder and CEO, Anders Aleborg.
It has long been possible to manipulate the information between the recursive resolver
name server and the web browser (DNS-cache poisoning). It is a known way to divert
internet traffic in order to steal the mail- or credit card information of visitors
(phishing).
A solution to this is to DNSSEC-validate the domain zone. When a domain name is
requested by a browser, the signature is checked against a key with the party responsible
for the domain zone in question. Most Swedish internet service operators (ISP:s) have
DNSSEC-validated resolvers today, but few other than them. As of November 2011, there were
still only 5089 validated .se-domains, in spite of the top domain administrator, .SE
having called for DNSSEC-adoption since 1999. .SE warned of manipulated dns-information
among .se-domains as late as December 2011.
"In 2011 alone, five SSL-certificate providers or their resellers have had problems
with unreliable certificates, and the problem is increasing as more money is invested
online", said Anne-Marie EklundLowinder, Chief Security Officer with .SE, referring to
among others the Diginotar case where several global mail services where among the ones
with false certificates.
This month, Sweden's third largest reseller of .se-domains, Binero hosting has
DNSSEC-signed the .se-domains of all customers, nearly 100 000 without charging anything
extra.
"This DNSSEC-validation along with the one by ISP:s increases security both directly
and also indirectly, by increasing the ability to reliably spreading security attributes
like ssh-keys, SSL-certificates and similar. We applaud the registrars who have gone ahead
and DNSSEC-validated and we expect DNSSEC to become a compulsory requirement for
registrars as well as for customers during 2012", said Danny Aerts, CEO of the .SE
Registry.
You can check if a .se-domain is DNSSEC-secured on http://dnscheck.iis.se
For more information, please contact:
Anders Aleborg, CEO, Binero, +46(0)76-804-42-00, anders.aleborg@binero.se
Erik Arnberg, Marketing Manager, Binero, +46(0)70-398-75-34, erik.arnberg@binero.se
Maria Ekelund, Head of Communications, .SE, +46(0)70-777-44-87,
maria.ekelund@iis.se
A-MEklundLowinder, Head of Quality and Security, .SE, +46(0)8-452-35-17,
anne-marie.eklund-lowinder@iis.se
Source: Binero