Government’s ‘orphan websites’ could be stalling .gov security

July 22, 2011
Cyber Security, FedCyber Wire
No Comment

via Government Computer News

More than 18 months after the deadline, the deployment of security protocols on .gov domains apparently has stalled at around 50 percent, government officials said.

Under a 2008 memo from the Office of Management and Budget, Domain Name System Security Extensions (DNSSEC) were to be deployed to all federal systems by December 2009.

“We were at 50 percent last year, we were at 50 percent this year,” Lee Ellis, the .gov program manager for the General Services Administration, said at the FOSE conference in Washington July 20. “Fifty percent DNSSEC signed zones is unacceptable.”

There are a variety of technical, financial and organizational barriers to completing DNSSEC deployment, Ellis said, but one of the greatest sticking points might be “orphan websites” – outdated or abandoned sites that have been forgotten by their owners.

A recently announced program to clean up the executive branch’s .gov space and consolidate websites could help to improve the DNSSEC percentages, said Andy Ozment, the White House National Security Council’s director for federal information security policy.

“I believe that many domains that are not signed are domains that their owners don’t know about,” Ozment said.

Continued here.