The Foundation for National Scientific Computing (FCCN) has an online website that aims to clarify all those whose domains are delegated below «.pt» regarding the recent adoption of the DNSSEC standard.
DNSSEC is a technical solution with additional security mechanisms and its adoption by the entity that manages the domain and subdomain registration system for Portugal was announced in September 2009 and tested, however, in some second level domain names of its responsibility, such as fccn.pt, dns.pt and cert.pt.
The FCCN explains that the new standard adopted consists of security extensions to the DNS protocol, introducing mechanisms that allow solving several of the main problems in this area. «DNSSEC guarantees signed DNS responses, independence of cryptographic algorithms and trust in the service, with a view to eliminating weaknesses, preventing attacks, reducing the risk of manipulation, providing a secure service and increasing security», says the entity.
Among the advantages of the solution, we highlight the authentication of the origin, the integrity of the data and the secure verification of the non-existence of a domain or DNS records associated with it. Furthermore, it avoids intrusions such as cache memory corruption (pharming, phishing) and protect against modified transmissions (spoofing), guarantees the FCCN.
In simple language, «DNSSEC allows Internet users to be guaranteed that the domain they are accessing is digitally signed and has not been tampered with by third parties, as long as they have a program that verifies this digital signature».
These and other arguments are presented at www.dnssec.pt, a platform for testing and answering frequently asked questions, aimed at clarifying all those who maintain domains registered in «.pt», ISPs and registration agents for any impacts and potential consequences of adopting the new technical security solution.
