Implementation of existing standards would make the internet much more secure

"Software suppliers and service providers should be addressed individually"

We have to make the electronic world more secure, according to Vint Cerf, one of the pioneers of the internet. Cerf reckons that the biggest problem of all is spoofing, where users are directed to falsified addresses and systems, and users take on fake identities. That's why the electronic identification and authentication (validation) of online computer systems and users is such a hot topic.

Cerf highlights SSL certificates (TLS), DNSSEC, two-factor authentication (2FA), and HTTP Strict Transport Security (HSTS) as vital security technologies for tackling spoofing.

Adoption increasing, but slowly

We have been promoting use of the internet security standards mentioned by Cerf -- and others such as DANE and DKIM/SPF/DMARC for e-mail -- for some time. For example, we have an incentive scheme for registrars [DANE], we publish technical information [DNSSEC, IPv6], we hold knowledge sessions [IPv6, DANE] and we run public information campaigns. The Platform for Internet Standards (internet.nl) also works to promote modern internet (security) standards [mail], but its focus is specifically on Dutch government bodies. Our surveys of IPv6 and DNSSEC use and reports published by the Forum for Standardisation show that adoption of the relevant standards is definitely increasing, but that progress is frustratingly slow. What's more, the Netherlands lags behind other comparable countries when it comes to use of IPv6 and DNSSEC validation. The strong growth of DNSSEC validation in Belgium this year underlines the importance of support from the main market players.

APNIC-DNSSECvalidationBE-20191101

Plenty of scope for improvement

Better internet security and stability doesn't therefore depend on the development of new standards. A great deal could be achieved simply by implementing the standards we've already got -- some of which have been around for a long time. That's clear from the report on a recent APNIC deployathon for RPKI, DNSSEC, DMARC and TLS. It's also vital that suppliers upgrade their tools and services, as previously pointed out by Bart Knubben of the Forum for Standardisation: "It's important that software suppliers and service providers make the standards easy to implement, or -- even better -- make support for the standards the default position." He believes that both government organisations and their major service providers should be individually urged to take action.

Comments

  • Friday 8 November 2019

    .nl domain name

    Registry locks: great potential but little current demand

    Thumb-locked-gate

    About 150 .nl domain names now secured with .nl Control

    Read more
  • Tuesday 3 April 2018

    .nl domain name

    What's the secret of a great website?

    iStock-624124442-man-blij-achter-laptop-thumbnail

    Check the 5 important tips

    Read more
  • Thursday 31 May 2018

    .nl domain name

    'More click with .nl' campaign

    Je-hebt-meer-klik-met-punt-nl-thumbnail

    Awareness campaign for .nl gets underway on 31 May.

    Read more

Sorry

Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.