Network and Engineering
Integrating DNSSEC Into Applications
In February 2010, we announced the start of a production network trial of DNS Security, or DNSSEC, technology. Since that time our trials have gone well, and we've been learning a lot to prepare us for deploying DNSSEC to all customers. In addition, the global DNS root has been signed, as have key top-level domains like .ORG and .EDU.
As Comcast and other ISPs implement DNSSEC, and domain owners start to cryptographically sign their domains, we can see a point in the near future where applications may start to show end users some indication that a domain has been secured with DNSSEC. This may be much like a web browser shows a special lock icon when a user visits a website secured with SSL.
To help open-source developers to add DNSSEC features to their applications, the NLnet Foundation recently announced a grant program for DNSSEC. And today, we are pleased to be able to contribute $15,000 to the NLnet Foundation to expand this important grant program. We hope the NLnet Foundation DNS Security Fund can help fund some developers to start working on DNSSEC-aware applications, and motivate others to do the same.
For more information or to apply for a grant, please see http://www.nlnet.nl/dnssec/.