The DNSSEC technology increases the DNS system security; DNSSEC will be useful mainly for companies handling sensitive information and data; launch of a testing version for the ENUM domain is scheduled for April, testing version for the .CZ domain will be launched in August and the full operation launch will be carried out in September 2008

Prague, Czech Republic, 3 March 2008 – The CZ.NIC association, administrator of the .CZ top level domain, is preparing deployment of the new technology, DNSSEC (DNS Security Extensions), to the domain administration system. This technology extends DNS, increasing its security. The CZ.NIC association is currently providing registrars with information the DNSSEC deployment; the registrars should start getting their systems ready from April.

“The operation of DNS, domain name servers, currently involves various risks. Correct and flawless operation of their domain is critical to many companies and individuals including those who do not own any domain. There are many financial, trade and other important operations performed via the internet. Internet banking attacks occur quite frequently. In the past there had been cases recorded when attacks targeted internet users from the Czech Republic,” explains Ondřej Surý, Technical Director at CZ.NIC, the benefits of the DNSSEC technology.

DNSSEC inserts digital signatures to DNS queries. If a domain is protected in this way, the response generated by the system is verified and the client receives correct information. However, users do not notice this within the regular operation.

DNSSEC is designed primarily for companies concerned about the security of their networks and information. To be digitally signed, every domain needs to have the public part of its digital key registered. This implies that those interested in this technology need to be adequately prepared in technological terms. Companies need to be able to sign domain records and provide the CZ.NIC association with the key used through the respective registrar. The key is then inserted by association’s administrators to servers managing the .CZ domain.

“The deployment of DNSSEC in this year is the number one project for us. We would like to start testing this technology with ENUM domains and from August with.CZ domains,” commented Ondřej Filip, executive director of the association. “This technology is only employed for two top-level domain registration systems in Europe – Swedish and Bulgarian. The Czech Republic should therefore become in this year’s September the third country to implement DNSSEC in their domain administration system.”

About the DNSSEC Technology

DNSSEC is an extension to the DNS system, increasing the domain name service security. The principle of DNS is the translation of name-based internet addresses such as www.nic.cz or www.dobradomena.cz to numeric addresses that can be understood by computers and used to display specific web pages, send e-mail, make phone calls over the internet and provide other common internet services. DNSSEC enhances the security when using DNS by preventing fake, altered or incomplete domain name data. As the administrator of the .CZ and ENUM domain registry, the CZ.NIC association is preparing deployment of this security technology for holders of the above domains and Czech internet users in 2008. More information is available at www.nic.cz/dnssec/.