VeriSign announced it is working towards fixing a significant vulnerability in the DNS system. The DNS vulnerability was publicised by security researcher Dan Kaminsky and had been known earlier, but unfortunately it will take VeriSign until Q1 2011 to fix it.
The problem is that DNS, the Domain Name System that translates internet addresses such as website URLs into numerical values, can be seeded with false values and used to misdirect users. VeriSign told ZDNet on Friday that it will put in place DNSSEC, a protocol which will guarantee the origin and integrity of DNS data, for the .com and .net domains by the first quarter of 2011.
"Both .net and .com are very large domains," said Pat Kane, VeriSign vice president of naming services.
Kane added that ".net alone has more than 12 million domain names. Our first priority is to safely and securely implement DNSSEC, as it impacts the Domain Name System, one of the core building blocks of the internet".