OpenDNSSEC is delivered free, is open-source and offers more flexibility and control than commercial software tools. The objective is to simplify for web hotels, Internet services operators, name server operators and top-level domains to deploy secure DNS.

DNSSEC is an extension to the Internet’s open directory service DNS which secures that web and e-mail addresses are not manipulated, but really lead to the right place. With DNSSEC, Internet zones are signed cryptographically. When a domain name is looked up, its signature is then controlled with a key published by whoever is responsible for the domain name’s zone. Today the technology works well, a major proof of this is the fact that the root zone of the Internet will be signed in the summer of 2010. .SE (The Internet Infrastructure Foundation) is a pioneer in this area and has been using DNSSEC for several years. However, so far this has entailed a lot of manual work.

– The development of OpenDNSSEC, which we have done together with a number of collaborators, simplifies the management surrounding this technology. Now the use of DNSSEC can be spread to the great mass of domain names. Leveraging .SE’s unique deployment experience, we have achieved a well-packaged, easy-to-use and flexible tool that eliminates all manual work. No detailed knowledge about the protocol is now needed in order to use DNSSEC, says Rickard Bellgrim, responsible for OpenDNSSEC at .SE.

Signing without manual management

When using OpenDNSSEC, no manual management is needed for signing a zone or managing the cryptographic keys. The entire process from unsigned to signed zone is performed by the software tool. You can also choose between different ways of delivering the unsigned zone to the tool and receiving the signed zone from it. Future versions will be extended with further choices in order to simplify the implementation of OpenDNSSEC in an existing infrastructure. The software tool works with all different versions of Unix operative systems and is suitable for both those who need to sign one single, very large zone (for example TLD’s) and for those responsible for a large number of small zones (web hotels etc.).

Flexible configuration options give control

This last year a number of other free tools and commercial software products for DNSSEC have been developed. The major advantages with OpenDNSSEC are, among other things, that it is both easy to use and offer very flexible configuration options. You can choose an extremely high level of automation using a standard configuration, but users can also take charge themselves and customise their configuration to fit their own needs.

Can be integrated in commercial applications

Furthermore, OpenDNSSEC is supplied with a licence that gives a green light to suppliers of commercial products who want to utilise the open source code and include it in their software, without having to open up their own code. The developers of OpenDNSSEC are aiming to spread the use of DNSSEC as much as possible.

OpenDNSSEC can be dowloaded free of charge at: http://www.opendnssec.org

• More information about OpenDNSSEC 1,0
• FAQ OpenDNSSEC 1.0

For more information, contact:
Rickard Bellgrim, project manager for OpenDNSSEC at .SE
Phone: +46-730-23 95 16
E-mail: rickard.bellgrim@iis.se

Maria Ekelund, Head of Communications .SE
Phone: +46-8-452 35 27, +46-70-777 44 87
E-mail: maria.ekelund@iis.se

About .SE
.SE (The Internet Infrastructure Foundation) is an independent utility that acts to promote positive development of the Internet in Sweden. .SE is responsible for the Internet’s Swedish top-level domain, .se, encompassing domain name registration and administration, as well as the technical operation of the national domain name register. Profits from domain name registrations are used to support projects that contribute to Internet development in Sweden through both its own operations and the financing of independent projects.

The .se domain is growing stronger while .com is losing its’ foothold in Sweden.  According to SCB’s report, “IT use of enterprises 2009″, 88 percent of all companies choose to register .se addresses, while 32 percent choose .com.

According to the report, which was published in January 2010, it is clear that the registering of the country code top-level domain .se is increasing, while the generic top-level domain .com is losing power in Sweden.

“We see the same trend internationally.  Country code top-level domains, like .se, are growing faster compared to the generic top-level domains, like .com, .net and .org, in other markets as well.  In Sweden, .se  is the obvious top-level domain choice for companies.  Now we are also clearly seeing that smaller companies and individuals are to a larger extent choosing .se over other top-level domains,” says Danny Aerts, CEO of .SE (The Internet infrastructure foundation).

On December 31, 2009 there were 936,428 active .se domains.  That is to be compared with 834,004, which was the corresponding number at the end of 2008.  The number of active .se domains increased 102,424 during 2009,  which was a 12 percent gain.

Small and large companies choose .se over .com

Small as well as large companies are to a higher extent choosing .se, which dominates the market.  89 percent of companies with more than ten employees choose a .se domain and 86 percent of small companies with fewer than ten employees choose .se for their Internet address.  The Swedes are choosing .com less often – 42 percent chose .com among companies with more than ten employees in 2008, and in 2009 the corresponding number sunk to 36 percent.  Small companies made the same choice – in 2008, 34 percent of companies with fewer than ten employees chose .com, while in 2009 the corresponding number sunk to 28 percent.

Six out of ten small companies have their own domain

It is also clear from the report that around 85 percent of the smallest companies in Sweden use computers in their business.  Almost all of these also have access to the Internet.  More than half of them have a website and nearly 60 percent have their own domain name.

More facts and reports

The Central Bureau of Statistics (SCB) was commissioned by the EU statistical office Eurostat and the Swedish Department of Industry to produce the reports “IT use of enterprises 2009″ and “Individuals’ use of Computers and Internet 2009.”  The reports, along with many other statistics and facts about the Internet are available to read and download on .SE’s statistics portal, www.internetstatistik.se <http://www.internetstatistik.se/> .

Abstract from SCB´s  report IT use by enterprises in 2009

For more information, please contact:
Danny Aerts, CEO of .SE
Mobile: +46-70 990 54 89
E-mail: danny.aerts@iis.se

Maria Ekelund, Head of Communications
Phone: +46-8 452 35 27
Mobile: +46-70 777 44 87
E-mail: maria.ekleund@iis.se

The review ”DNSSEC Admin tools review”  show the current state of administrative tools for DNSSEC and thereby help customers in finding suitable DNS management products and to encourage appliance providers to continue to refine their products. We hope that this product review facilitates the deployment of DNSSEC and would also encourage others to follow up on this work.

This review was performed by Certezza on commission from .SE (The Internet Infrastructure Foundation), whose influence ends there and Certezza’s independence is thereby intact.

The report is a summary of the functionality of some leading DNSSEC management tools. The focus of the examination has been on DNSSEC signing and key management functionality. An important part of the work has been to specify a set of user review points. It is our belief that the review points are fairly general and as such can be used in similar reviews in the future.

The key finding in the study is that there has been a substantial development of DNSSEC tools during the last year, but in a few areas some improvement work still remains. In general the product standard is good and the tested products work as expected.

Please, read the review here: DNSSEC Admin tools review 1.0

In deference to upcoming changes in our DNSSEC signing environment, .SE will for practical reasons postpone the KSK key rollover which usually takes place by the turn of the year until later during Spring 2010.

In practice it doesn’t bring any technical difficulties to those who uses .SE as a Trust Anchor.

The key generated 2008 (Key id = 49678) will be unvalid from 2010-01-01 and will be removed 2010-02-01 whereas the key generated 2009 (Key id 8779) will continuously be in use to sign the .SE-zone during 2010 or until anything else is announced.

Keys are available through IANA’s ITAR https://itar.iana.org/ They are also available at https://www.iis.se/docs/ksk.txt

We do advice you to subscribe to the dnssec-announce@lists.nic.se mailing list to get notified about key rollovers and any other important changes.

Questions may be addressed to dnssec-info@iis.se.

More information about DNSSEC is available here.

Recently, the risk of hidden IPv6 traffic that can pass unnoticed through firewalls lacking IPv6 support has been pointed out. This makes it a good idea for all businesses to look into firewalls supporting IPv6. To get people started, .SE (The Internet Infrastructure Foundation) is publishing a test report about firewalls available on the market today.

The addresses in the old Internet protocol IPv4 are running out. The solution to this problem is IPv6 but, so far, most people are not yet ready to put in the work necessary for implementing the new protocol. Today, however, many computers and other equipment are delivered with support for IPv6 turned on. Therefore, there is a risk that malevolent Internet users exploit the lacking security for IPv6 traffic. For example, it could be used as a way to get inside a company’s firewalls and hijack computing capacity for so-called botnets. 

“You can actually have IPv6 traffic in your network without having planned for it. That’s why all organisations should look into this and establish an IPv6 policy. One solution is to shut down IPv6 completely in your network, but within a not too distant future we will all need to be reachable also via IPv6. Therefore, my advice is to revise your firewalls and start working on implementing IPv6 already now,” says Håkan Lindberg of B3IT, who has written the report together with IDG’s Tomas Gilså.

As fast and mature as IPv4

The report IPv6 support in firewalls – workshop 2009 presents results and conclusions from a test workshop organised by .SE in September 2009. The purpose of the testing was to establish the status of IPv6 readiness among vendors. Apart from tests of IPv6 traffic, a mixed IPv4/IPv6 environment was also included in the testing. All the tested firewalls from six different vendors – Checkpoint, Cisco, Fortinet, H3C, Halon and Juniper – worked well. IPv6 could be handled through the graphic user interface for the firewalls and found in the logs. The conclusion is that IPv6 is as fast as IPv4 and practically as mature, at the basic level.

Set-up available for tests

The workshop was not only a way of testing firewalls, but also an excellent way for the participants to get some hands-on experience. IPv6 is different from IPv4 and you can’t just copy the same settings and policies that are used in IPv4. To give others the opportunity of using it as well, the workshop test set-up is available at .SE for testing and verification also after this specific workshop. Anyone interested can feel free to contact .SE via ipv6@iis.se.

The full report IPv6 support in firewalls – workshop 2009 can be downloaded at http://www.iis.se/docs/IPv6-firewalls.pdf

For more information, please contact:
Maria Ekelund, head of PR and information at .SE
Phone: +46-8-452 35 27, +46-70-777 44 87
E-mail: maria.ekelund@iis.se

Jörgen Eriksson, project manager for IPv6 at .SE
Phone: +46-8-452 35 36, +46-708-48 96 00
E-mail: jorgen.eriksson@iis.se

About .SE
.SE  (The Internet Infrastructure Foundation) is an independent utility that acts to promote positive development of the Internet in Sweden. .SE is responsible for the Internet´s Swedish top-level domain, .se, encompassing domain name registration and administration, as well as the technical operation of the national domain name register. Profits from domain name registrations are used to support projects that contribute to Internet development in Sweden. For more information, see www.iis.se

For the third year running, .SE (The Internet Infrastructure Foundation) has surveyed how public authorities and other important bodies in Swedish society manage their Internet presence. The check-up shows that there are serious errors in the domain name system in 23 per cent of the examined .se domains, only a slight improvement compared to the previous year.

The survey of net reachability includes public authorities at the central, regional and local level, public utilities and state-owned companies, Internet service providers (ISP’s) and companies within media, banking and insurance. For the first time this year’s survey also included the 30 largest listed companies, as well as universities and university colleges. In all, 663 domains and 867 unique name servers were tested.

Comparison with a control group

The check-up concerns both quality and reachability in the domain name system (DNS), as well as certain important details relating to the handling of e-mail and web. This year the testing tool used had been developed further, for example it has become easier to break down results in subcategories. Furthermore, the health-check now includes a comparison with a control group of 10,000 randomly selected .se domains.

– Although a certain improvement can be seen compared to earlier years, we were expecting more dramatic changes in a positive direction. The number of insecure name servers surprises me, considering all the attention given to the so-called Kaminsky bug. The domains of importance to society are actually worse off when it comes to this, than the control group. Also the management of web certificates is poor, says Anne-Marie Eklund Löwinder, head of quality and security at .SE.

Some results from the survey

• Out of the 663 examined organisations and businesses, 23 per cent had serious errors that need to be dealt with immediately and 34 per cent less urgent errors that render them a warning.

• Like previous years, the county councils are the group with the largest share of domains with serious errors, 33 per cent. However, while there was a pronounced improvement between 2007 and 2008, this year’s result is exactly the same as last year’s. Other weak groups include the 30 largest listed companies, 30 per cent, and bank and finance, 29 per cent. The ISP’s had the best result, 13 per cent, closely followed by the universities and university colleges, 15 per cent.

• Two thirds had all their name servers with the same operator, which runs the risk of resulting in weaker redundancy. What is worse, one single operator often dominates in a specific category. Thus, if that operator runs into problems, a whole sector can be knocked out.

• 27 per cent of the surveyed organisations and businesses have their e-mail servers located outside Sweden. This can have consequences when the hotly debated, so-called FRA surveillance law is implemented, and also creates possibilities for foreign intelligence services to monitor e-mail traffic. Only 44 per cent have support for protecting their e-mail transportation with encryption, which doesn’t mean that this is utilised.

• 9 per cent, mainly universities, university colleges, ISP’s and public authorities, are reachable via the new Internet protocol IPv6, which will have to be introduced in the next few years in order for there to be enough addresses on the Internet. This year, we can thus begin to see the first small steps of the transition.

• Open recursive name servers lend themselves both to so-called cache poisoning, where DNS replies are falsified, and overload attacks. Although this security risk has been much publicised, the share of these name servers increased one per cent this year, to 23 per cent. The security extensions DNSSEC is used by only 3 per cent, mainly from the public sector.

The report Reachability on the net – Health-check for .se 2009 is available (in Swedish) for downloading

For more information, please contact:
Anne-Marie Eklund Löwinder, head of quality and security at .SE
Phone: 08-452 35 17
E-mail: anne-marie.eklund-lowinder@iis.se

Maria Ekelund, head of PR and at .SE
Phone: +46-70-777 44 87
E-mail: maria.ekelund@iis.se

About .SE
.SE (The Internet Infrastructure Foundation) is an independent utility that acts to promote positive development of the Internet in Sweden. .SE is responsible for the Internet’s Swedish top-level domain, .se, encompassing domain name registration and administration, as well as the technical operation of the national domain name register. Profits from domain name registrations are used to support projects that contribute to Internet development in Sweden through both its own operations and the financing of independent projects.

This year, it is 15 years since the first Swedish websites aimed at wider audiences were started. Because of this, .SE (The Internet Infrastructure Foundation) has produced the report “Internet 15 years”. It shows that it is the everyday uses which average people envisioned already in the 90’s that have characterised developments, rather than the experts’ visions of a brand new society.

When the new, connected information society were just around the corner in the 80’s and 90’s, exciting visions of its consequences were depicted. Among the predictions were the ideas that indirect democracy would be replaced by direct, teleworking would become the norm and the traditional mass media would disappear. After the event, however, you can observe that these visions have not come true. We have not converted to net-based direct democracy, stopped working at offices or discarded traditional mass media (at least not yet).

Instead, statistics show that what did materialise are the down-to-earth areas of usage that people back in 1996 said they would like to utilise the new technology for. For example, this includes handling one’s banking, getting information from public authorities and other sources, ordering tickets or goods, getting music, meeting new people or reading the newspaper online.

“Predictions that everything will change because of a shift in technology have been proven wrong before. In spite of the changes that have occurred, not least in patterns of communication and access to information, the Internet has not transformed either man or society. Rather, people have adjusted the Internet to fit their needs and their everyday life,” says professor Olle Findahl, who has produced the report Internet 15 years on assignment from .SE.

Not the same pattern as TV

The report also tells the story about what happened when eight out of ten Swedes became Internet users. This process does not follow the same pattern as the breakthrough of other new technologies, for example TV and radio. The Internet differ from this pattern in that, still after 15 years, there is a large part of the population that has no access to the new technology, since it is a lot more complicated to start using it than to buy a radio or TV receiver.

Today the so-called digital rift between blue-collar and white-collar workers is more or less completely bridged over in the age groups that are still working, but it remains among the older population. In the working population, there are no great differences in access to and the time spent on the Internet. On the contrary, there are differences in usage between the groups. E-ID is for example more common among users with a higher education.

Great differences in usage

The report also includes an analysis of how the Internet is used in Sweden today. The analysis observes very great differences in usage of the net and establishes a number of main groups of users, from the 8 per cent of the population that are advanced users and constantly live with the Internet, to the 22 per cent of cautious users who don’t use very many of all the opportunities presented by the Internet.

The report Internet 15 years can be downloaded in its entirety at www.iis.se/XXXXXXX.

For more information, please contact:
Maria Ekelund, head of PR and at .SE
Phone: +46-8-452 35 27, +46-70-777 44 87
E-mail: maria.ekelund@iis.se

About .SE
.SE (The Internet Infrastructure Foundation) is an independent utility that acts to promote positive development of the Internet in Sweden. .SE is responsible for the Internet’s Swedish top-level domain, .se, encompassing domain name registration and administration, as well as the technical operation of the national domain name register. Profits from domain name registrations are used to support projects that contribute to Internet development in Sweden through both its own operations and the financing of independent projects.

Today is the opening of Internet Days, Sweden’s most important conference and meeting place for everyone with an interest in the Internet. It is a place where news about the development of the Internet is presented and knowledge is shared. The event, held by .SE (The Internet Infrastructure Foundation), is now on its tenth year, offering a broader programme than ever, with 36 seminars in six parallel tracks spanning over two days. New this year is the media track and the conference is followed by an extra day filled with international workshops about Internet security, held together with the Swedish Post and Telecom Agency (PTS).

Internet Days take place November 3–5 at the City Conference Centre in Stockholm. Among the keynote speakers are:
- James Boyle, law professor at Duke Law School, USA, founder of Creative Commons and a proponent of a renewed copyright (Tuesday 9 am)
- Ross Anderson, professor in Security Engineering at the University of Cambridge, UK, broadening the notion of information security with economic and psychological perspectives (Tuesday 9 am)
- Netanel Jacobsson, social media entrepreneur and former Facebook executive, speaking about how social media are changing the web (Wednesday 9 am)
- Åsa Torstensson, Swedish Minister for Communications
- Beatrice Ask, Swedish Minister for Justice

This year, for the first time, the conference is extended with one extra day of international workshops, held in parallel with the EU Conference on Internet Security hosted by the Swedish Post and Telecom Agency: Resilient Electronic Communications – A Multistakeholder Challenge.

One of .SE’s workshops is dedicated to the great expansion of the Internet at hand. When things in the physical world become smart and connect to the Internet, new applications of all kinds become possible. Great business opportunities arise in various lines of trade.

Several reports are presented

For the third year, .SE (The Internet Infrastructure Foundation) presents the report The Health Status of .se (only in Swedish) about the quality and accessibility of the domain name system (DNS) in Sweden’s national top domain (.se). This year, the entire .se zone is examined for the first time, besides a selection of domains from the public and private sectors that are judged crucial for the society.

This year’s edition of the statistical report Swedes and the Internet is presented (only in Swedish), as well as the report 15 years of Internet (only in Swedish) on account of the 15 years that have past since the breakthrough of Internet in Sweden.

What is presented above is just a small selection from everything that is presented at this year’s conference. Internet Days 2009 are organized by .SE together with co-organizers Computer Sweden, Disruptive Media, Internet World, Swedish IT & Telecom Industries, the Swedish Media Council, Mobil:Business and the Swedish Post and Telecom Agency.

For more information, please contact:
Maria Ekelund, Head of PR & Information at .SE
Phone: +46-8 452 35 27
Mobile: +46-70 777 44 87
E-mail: maria.ekleund@iis.se

Danny Aerts, CEO of .SE
Mobile: +46-70 990 54 89
E-mail: danny.aerts@iis.se

Today, .SE (The Internet Infrastructure Foundation) is sending out a proposal for consideration concerning the alternative dispute resolution (ADR) for .se domain names. .SE regularly overviews ADR in order to guarantee that the resolution process is efficient, predictable and respects the rule of law.

Since 2003, the registration of .se domains is done without any prior examination – according to the first-past-the-post principle – and since July 2006 the law concerning national top-level domains for Sweden on the Internet is valid. Among other things, the law demands that a functioning dispute resolution process is in place and since 2003 .SE has used ADR as a model of examination after the registration, which is a common procedure for many top-level domain administrators.

Now .SE is carrying out a planned overview of the post-registration examination model.

The Swedish Post and Telecom Agency (PTS) suggested in its supervisory report from May this year (PTS-ER-2009:17) that the combination of letters “bank” should be added to .SE’s black list, thereby obligating a pre-registration examination of the domain names concerned. Due to the discussions following this report, .SE has added a part in the proposal for consideration concerning possible special regulations when it comes to the combination of letters “bank” in domain names.

.SE is now referring the proposal to concerned parties for consideration, in order to gather important opinions relating to the post-registration examination of domain names.

Read the proposal for consideration here and attachment 1 here.

Read PTS’s supervisory report (only in Swedish) here: http://www.pts.se/sv/Dokument/Rapporter/Internet/2009/Tilldelning-av-domannamn-under-se—PTS-ER-200917/

For more information about the issue of “bank” in domain names: http://www.iis.se/en/domaner/bank-i-domannamn/

For more information, please contact:
Maria Ekelund, head of PR and at .SE
Phone: +46-70-777 44 87
E-mail: maria.ekelund@iis.se

About .SE
.SE (The Internet Infrastructure Foundation) is an independent utility that acts to promote positive development of the Internet in Sweden. .SE is responsible for the Internet’s Swedish top-level domain, .se, encompassing domain name registration and administration, as well as the technical operation of the national domain name register. Profits from domain name registrations are used to support projects that contribute to Internet development in Sweden through both its own operations and the financing of independent projects.