Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
The Internet

Submission + - SOPA and PIPA Would Render DNSSEC Useless (

wiredmikey writes: Organizations are making the move to DNSSEC including deployment from major ISPs like Comcast and e-commerce companies like PayPal.

Unfortunately, adopters in the USA are facing a serious barrier to adoption: Congress.

The proposed Stop Online Piracy Act (SOPA) and Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act (PROTECT IP Act or PIPA) contain provisions that, if enacted, would threaten to break the end-to-end functionality of DNSSEC. These pieces of legislation require ISPs to intercept and redirect DNS queries for websites that are believed to be involved in piracy. In the context of DNSSEC, this is like requiring ISPs to behave like attackers, deliberately hijacking otherwise legitimate DNS queries.

In short, DNSSEC and the redirection provisions of SOPA and PIPA are incompatible and raise substantial barriers to DNSSEC adoption, which will lead to a less secure Internet.

Author Ram Mohan notes that it would be a sad day for security if poorly informed legislation were allowed to slam the brakes on the global DNSSEC deployment initiative, just as it is gathering critical steam.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

SOPA and PIPA Would Render DNSSEC Useless

Comments Filter:

I've finally learned what "upward compatible" means. It means we get to keep all our old mistakes. -- Dennie van Tassel