DTA implementing DNSSEC on .gov.au
The agency announced it has digitally signed the .gov.au zone to provide a trusted link for DNS queries between the top-level .au domain and third-level .gov.au domains such as my.gov.au.
Matt Goonan, the agency’s CTO, described the signing as a “small, but important step towards helping owners of gov.au domains protect their users against domain spoofing and cache poisoning attacks on gov.au domains”.
The move will help agencies implement DNSSEC (the Domain Name System Security Extensions) public key cryptography techniques to enable DNS servers to provide signed DNS data.
DNSSEC was developed to combat spoofing attacks involving an attacker causing incorrect answers to DNS queries to be stored in the DNS cache of resolvers or devices, in turn causing those devices to connect to incorrect websites or internet services.
Meanwhile, the DTA is gearing up to launch a pilot trial in the next few weeks by implementing DNSSEC on real-world .gov.au domains.
The agency is also working with the Australian Cyber Security Centre, the .au Domain Administrator, the Department of Communications and the Arts and .au registry operator Afilias to deploy DNSSEC with agencies choosing to do so.
The NSW Auditor General's report into the NSW Police Force's management of the $100m...
The Āwhina app will notify health workers when new or updated content is available to them.
The Digital Transformation Agency is updating the federal government style manual for the first...