Domain names enable the association of a computer resource such as an IP address to a user-friendly readable and easy-to-remember name, such as www.ssi.gouv.fr.
Recent news showed that domain name service providers are significant risk vectors. Their compromise can lead to traffic and e-mail interception, denial of service, or even website defacement.
The stakes related to the acquisition of domain names from service providers and their usage must be fully understood by CISO and system and network architects of all entities having an Internet presence.
To answer these pitfalls, the French Network and Information Security Agency (ANSSI) publishes these guidelines: « Best Current Practices for Acquiring and Using Domain Names ». This document provides general guidance covering both organizational and technical aspects.
ANSSI encourages Internet stakeholders to internalize these guidelines and to follow them as closely and as soon as possible.