DNSSEC adoption in Africa dimmed by other challenges

15.06.2009
Domain name system security adoption in Africa is likely to take a long time as the continent tackles more fundamental Internet issues such as local management, automation and full security for all country code top-level domain registries, say those involved in the process.

The domain name system is a key building block of the Internet, translating Internet Protocol addresses to host names. DNSSEC is used to protect the translation process and prevent hackers from tampering with information and redirecting Web traffic. DNSSEC defines how DNS records can be digitally "signed" using public key cryptography.

"DNSSEC adoption is a complicated process -- the infrastructure as well as the applications need to be able to handle it. Having DNSSEC implemented on DNS servers means little if there is no indication for a user that the site they are currently browsing has a signed DNS record or not," said Calvin Browne, a director at UniForum, the .co.za registry.

African registries face the challenge of implementation capability because most of them are not fully automated -- only Nigeria and Namibia have fully automated registries.

"If their current registry platform does not support DNSSEC, then it is not possible for that registry to implement DNSSEC. The registry would have to wait for an upgrade of the platform to one that supports DNSSEC," said Ndukwe Kalu, president of the Nigeria Internet Registration Authority.

Zur Startseite