[Owasp-royalholloway] .UK domain name "security"
colin.watson at owasp.org
Wed Jan 2 22:04:15 UTC 2013
(Cross-posted to UK lists)
Nominet is requesting responses to a consultation on proposals for new
second-level .uk domains. Regardless of the merits of that idea, I
wondered if UK OWASPers wanted to submit a response to the security
ideas proposed? Apart from registrant identity verification, the
security ideas are currently:
* routine monitoring of domains for malware and viruses on the domain name
* include a visible trust mark to indicate this enhanced security to
customers of the domain,
* include mandatory DNSSEC signing
It would seem OWASP ought to be able to suggest improvements to these.
The consultation document is:
The closing date for responses is 7th January 2013. I think the
response should be kept fairly short, and only answer the most
OWASP-relevant items (i.e. not whether we think it is a good idea at
all!). I tried to get some input via the London list and have created
an initial draft here:
If anyone has any thoughts, suggestions or improvements, please let me know.
You can of course reply to the consultation independently as well.
More information about the Owasp-royalholloway