Slashdot Mirror

← Back to Stories (view on slashdot.org)

Comcast Launches First Public US Trial of DNSSEC

Posted by kdawson on from the am-who-i-am-because-i-say-so dept.

cryan7755 and netbuzz both sent along a NetworkWorld story on Comcast's public test deployment of DNSSEC. Here is the company's blog post announcing the trial. "Comcast this morning announced what is believed to be the first public test deployment of DNS Security Extensions. The company says it has deployed DNSSEC throughout its nationwide network and will immediately make validating servers available to customers. In addition, Comcast said it would digitally sign all of its own domain names using DNSSEC by early next year. 'There is often talk about a chicken-and-egg sort of problem with DNSSEC. People don’t want to sign their own domains with DNSSEC until people are validating signatures,' says Jason Livingood, Executive Director of Internet Systems Engineering at Comcast. 'We want to explain how we as an ISP have a roadmap for validating signatures with DNSSEC.'"

2 of 100 comments (clear)

  1. Re:Can use 75.75.75.75 externally by ctg1701 · · Score: 2, Insightful

    Curious where you are testing this from. We verified and none of the servers behind our Anycast system are available off-net.

    Thanks

    Chris Griffiths
    Comcast

  2. Re:Benefits of DNSSEC? by wintercolby · · Score: 2, Insightful
    DNSSEC is a set of security extensions for DNS:

    DNSSEC was designed to protect the Internet from certain attacks, such as DNS cache poisoning [0]. It is a set of extensions to DNS, which provide: a) origin authentication of DNS data, b) data integrity, and c) authenticated denial of existence.

    Taken from DNSSEC.net

    --
    Most ignorance is vincible ignorance. We don't know because we don't want to know. --Aldous Huxley