'.ca' domain name holders and users to be given additional level of security

CIRA, the Canadian Internet Registration Authority, has announced that it will begin implementing DNSSEC (DNS Security Extensions) in the ‘.ca’ domain name space in 2014.

DNSSEC was designed and implemented as a response to address the inherent security vulnerabilities in the way that the domain name system (DNS) operates. Due to these inherent vulnerabilities, it is possible to divert internet users away from their intended website destinations and to redirect them to third-party websites without their knowledge. This can result in the dissemination of computer viruses, malware and even theft of sensitive financial and personal data.

DNSSEC seeks to mitigate this situation by introducing an additional level of security at the level of the DNS which will ensure that internet users will be alerted to any possible re-direction to a third-party website that is not their intended destination.

According to CIRA, over half of Canadian internet users prefer to use a ‘.ca’ domain name rather than a ‘.com’ domain name. Implementing DNSSEC will allow CIRA to give ‘.ca’ domain name holders and users an additional level of security.

The purpose of this additional layer of security is to protect websites associated with ‘.ca’ domain names from online attacks. These online attacks can take the form of DNS spoofing, where a hacker gains access to a domain name's DNS nameservers in order to redirect visitors to a website of the hacker's choosing or DNS hijacking, where a hacker can modify DNS information to gain control of the complete DNS information of the domain name.

Moreover, online attacks can be used to try and obtain users' personal information, such as bank details. This type of fraudulent activity is not only a serious threat to users, but can also have a detrimental effect for the domain name holder and their online business. Such fraudulent activity can result in a loss of revenue, as well as a loss in consumer confidence in relation to the online business in question. Thus, DNSSEC aims to build a "chain of trust" between users and the websites they visit.

Byron Holland, president and CEO of CIRA, has been quoted as saying that:

“the success of DNSSEC now depends on implementation at the system level by players throughout the internet ecosystem” and that “the full implementation of this ‘chain of trust’ is required to improve the safety and reliability of the internet infrastructure that has become so vital to the economic and social fibre of our nation. I applaud those stakeholders that have already embraced DNSSEC.”

CIRA has emphasised that ‘.ca’ domain registrars also have to take an active role whereby they enable users to secure their ‘.ca’ domain names with DNSSEC.

As the global domain name world changes and expands, the importance of domain name security is becoming extremely clear. By implementing DNSSEC, CIRA is demonstrating its commitment to making the ‘.ca’ domain name space as secure as possible.

David Taylor and Tony Vitali, Hogan Lovells LLP, Paris