Re: DNSSEC Launched Today by EDUCAUSE and VeriSign

[Esther Iglich <eiglich () MCDANIEL EDU>]

what does this mean for us?
e
----- Original Message -----
From: "Rodney Petersen" <rpetersen () EDUCAUSE EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU
Sent: Monday, August 2, 2010 1:27:46 PM GMT -05:00 US/Canada Eastern
Subject: [SECURITY] DNSSEC Launched Today by EDUCAUSE and VeriSign

I am forwarding the announcement below to let you know about this
important advancement in securing DNS within the .edu domain.  If you
have not already done so, please begin discussions with your DNS
operators about how you can deploy DNSSEC at your institution.

Regards,

Rodney

--------------------------------------------------
Rodney J. Petersen
Government Relations Officer & 
Director of Cybersecurity Initiative
EDUCAUSE 

1150 18th Street, N.W., Suite 1010
Washington, D.C. 20036
(202) 331-5368 / (202) 872-4200

EDUCAUSE Policy Analysis and Advocacy 
www.educause.edu/policy 
EDUCAUSE Cybersecurity Initiative
www.educause.edu/security 
Identity and Access Management 
www.educause.edu/iam 
-------------------------------------------------- 



FOR IMMEDIATE RELEASE

Contact:
Greg Jackson
Vice President
EDUCAUSE
gjackson () educause edu
202-331-5351

 
***********************************************
DNSSEC Launched Today by EDUCAUSE and VeriSign
***********************************************

August 2, 2010, Boulder, Colorado--EDUCAUSE and VeriSign announced the
deployment of a security system known as Domain Name Security Extensions
(DNSSEC) within the .edu portion of the Internet, which EDUCAUSE manages
under a cooperative agreement with the U.S. Department of Commerce.
Institutions whose domain names end in .edu will now be able to utilize
digital signatures to mitigate certain DNS security vulnerabilities,
such as cache poisoning and man-in-the-middle attacks.

The Domain Name System (DNS) is the part of the Internet that translates
names such as "example.edu" into numeric addresses (for example,
198.59.61.90). All Internet applications-from electronic mail to online
banking-depend on the accuracy and integrity of this translation. Over
the years, Internet security experts have discovered a variety of ways
that DNS translation may be compromised. The DNSSEC security system
limits the problem by allowing owners of domain names to use digital
signatures to add an extra level of authentication to the translation
process.

Deploying DNSSEC for .edu furthers the initiative to enhance domain name
security throughout the broader scope of the internet. As a precursor to
deployment, EDUCAUSE and VeriSign hosted a testbed environment which
allowed end-to-end testing by selected .edu domain holders in a non
production environment.

Brian Voss, vice chancellor for IT and CIO at Louisiana State University
and current chair of the joint EDUCAUSE/Internet2 Higher Education
Information Security Council, noted, "I am proud that LSU is at the
forefront of this exciting development and that our contributions and
efforts as a testbed for .edu deployment have laid a foundation for the
ubiquitous adoption of DNSSEC, so that the research and education
community can eventually realize its full value," Voss also added,
"DNSSEC represents an evolution in Internet reliability and security,
and I know that my CIO colleagues recognize that our university
communities expect our networks to be secure, and improving the security
of our root Domain Name System through cryptography is something we all
will embrace."

EDUCAUSE President and CEO Diana Oblinger said, "EDUCAUSE has
appreciated the opportunity to work with VeriSign and the U.S.
Department of Commerce to advance the security and integrity of the
Internet through early testing and deployment of DNSSEC. Dating from the
creation of ARPANET through the present day, the higher education
technology community has played a leading role in the development of the
Internet as a platform for learning, discovery, and engagement. We have
been happy to continue that role by being a lead partner in the launch
of DNSSEC."

Pat Kane, vice president of VeriSign, stated, "VeriSign's partnership
with EDUCAUSE to test and deploy DNSSEC in the .edu domain demonstrates
our ongoing commitment to a secure Internet infrastructure. VeriSign
appreciates the close collaboration with EDUCAUSE and the U.S.
Department of Commerce that allowed for success with this process and
the opportunity to generate lessons learned which we are actively
sharing with other domain registrars, thereby enhancing overall Internet
security."

*************************************
About EDUCAUSE
EDUCAUSE is a nonprofit association and the foremost community of IT
leaders and professionals committed to advancing higher education.
EDUCAUSE programs and services are focused on analysis, advocacy,
community building, professional development, and knowledge creation
because IT plays a transformative role in higher education. EDUCAUSE
supports those who lead, manage, and use information technology through
a comprehensive range of resources and activities. For more information,
visit www.educause.edu.

************************************
IF YOU ARE NOT THE MEDIA CONTACT for your organization, please send an
e-mail to with "remove as media contact" in the subject line. To update
your contact information on file with us, visit
http://www.educause.edu/Profile/4482. For questions, contact EDUCAUSE at
or 4772 Walnut St., Suite 206, Boulder, CO 80301.






Powered by Informz for iMIS
http://pod4.informz.net/clk/red8.asp?u=1008492045&mi=937019&l=1


This email was sent to: estaff () educause edu (1008492045)

-- 
Dr. Esther Iglich
CIO
McDaniel College
2 College Hill
Westminster, MD 21157
410.857.2405
eiglich () mcdaniel edu