In dot we trust: If you keep to this 124-page security rulebook, you can own yourname.trust

  • 22 October 2014
  • 0 replies
  • 149 views

Userlevel 7
Badge +54

Step 1: Don't get owned. Step 2: Use HTTPS. Step 3: ...

By Kieren McCarthy, 22 Oct 2014  NCC Group has published a set of security standards that you'll have to follow if you want to operate a .trust website.
The company owns the rights to sell dot-trusts, and uploaded the 124-page policy document [pdf] earlier this month. It provides a technical rundown covering network security to secure DNS settings, and NCC Group says the rules will be used as a configuration standard for all new dot-trust websites.
 For example, the DNS zone for a .trust domain should have DNSSEC resource records and answer all queries with cryptographically signed responses. This means when software, such as your web browser, looks up the IP address of a website's server from its domain name, the browser can check the authenticity of the information – and therefore thwart attempts to poison the data to redirect people to malicious servers.
 
Full Article

0 replies

Be the first to reply!

Reply