Deploy360 5 May 2014

DNSSEC-name-and-shame Spotlights Top Web Sites Without DNSSEC

By Dan YorkSenior Advisor

DNSSEC Name and ShameWhich of the Top Alexa-ranked sites support DNSSEC? How can you quickly find out if a web site supports DNSSEC?  Last week we learned of a fun new site that came out of a recent hackathon at TheNextWeb 2014 conference in Amsterdam that aims to answer these questions.  Called “DNSSEC name and shame!” the site can be found at the simple URL of:

http://dnssec-name-and-shame.com/

At the top you can just enter any domain name and the site will check whether that domain is signed with DNSSEC.  But what is perhaps more interesting is to go a bit further down the page and look at the list of the Alexa Top 25 sites and the list of the event sponsors and “known good” examples.  You can click on any link and it will tell you the result.

I won’t spoil the surprise of what you’ll find when you click those links… but suffice it to say that many of the sites need to read our information for content providers / website owners about how to sign their domains with DNSSEC!  🙂

This DNSSEC-name-and-shame site is a cool example of the type of site / service that can be easily created using some of the new APIs available for DNS and DNSSEC.  Several of the other hackathon projects were definitely cool and we’ll be spotlighting some of them in the weeks ahead.

Congrats to the developers of the site, Joel Purra and Tom Cuddy, too, for winning PayPal’s TNW Hack Battle prize.  Great to see PayPal recognizing this work… and of course paypal.com has been signed with DNSSEC for quite some time now.

Do check the site out… test out domains that you work with… and if they are not signed, why not start today on getting them signed and making the Internet more secure?

P.S. We also enjoyed that Anne-Marie Eklund Löwinder of .SE lent her shaking-fist image to the site.  She’s one of the early pioneers in the world of DNSSEC and it’s fun to see her here!

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related Posts

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...