DTA implementing DNSSEC on .gov.au
The agency announced it has digitally signed the .gov.au zone to provide a trusted link for DNS queries between the top-level .au domain and third-level .gov.au domains such as my.gov.au.
Matt Goonan, the agency’s CTO, described the signing as a “small, but important step towards helping owners of gov.au domains protect their users against domain spoofing and cache poisoning attacks on gov.au domains”.
The move will help agencies implement DNSSEC (the Domain Name System Security Extensions) public key cryptography techniques to enable DNS servers to provide signed DNS data.
DNSSEC was developed to combat spoofing attacks involving an attacker causing incorrect answers to DNS queries to be stored in the DNS cache of resolvers or devices, in turn causing those devices to connect to incorrect websites or internet services.
Meanwhile, the DTA is gearing up to launch a pilot trial in the next few weeks by implementing DNSSEC on real-world .gov.au domains.
The agency is also working with the Australian Cyber Security Centre, the .au Domain Administrator, the Department of Communications and the Arts and .au registry operator Afilias to deploy DNSSEC with agencies choosing to do so.
Application developers at state and local government agencies have improving user experience and...
Nominations for the 2019 Public Sector Innovation Awards must be submitted by 26 April.
The Digital Transformation Agency has announced the third release of new and updated documents...