Will 2012 be the dawn of DNSSEC?


Will 2012 be the year when U.S. retailers, banks and content providers finally bolster their DNS systems with an add-on security measure that prevents Web site spoofing? That's what advocates of the security measure - dubbed DNSSEC for DNS Security Extensions - are hoping will occur.

Cybersecurity experts are urging IT departments to invest in DNSSEC now - before a high-profile attack occurs that could have been prevented by readily available DNSSEC-compliant appliances, software and services.

Already, the new year has brought one major DNSSEC announcement: Comcast said last week that it was the first ISP in North America to provide resolution services for DNSSEC queries. At issue is whether the Comcast announcement will spark action by rival ISPs, Web site operators, enterprises and software developers to invest in readily available solutions to a gaping problem in the DNS.