Secure64 DNS Signer Enables Long-Term Solution to Critical DNS Flaw Recently Identified by Dan Kaminsky

Denver – July 30, 2008 – Secure64 Software Corporation has developed a product that dramatically simplifies the implementation and management of DNSSEC. Secure64 DNS Signer™ is the first and only product that addresses each of the obstacles that have slowed the widespread deployment of DNSSEC zone signing, including the need for simplicity, security, auditability and scalability. While recent patching efforts have mitigated the impact of the cache poisoning vulnerability identified by Dan Kaminsky and widely reported by the media, deployment of DNSSEC is widely regarded as the only viable long-term solution to securing the Domain Name System (DNS).

Domain Name System Security Extensions (DNSSEC) provides authentication of the origin of DNS data, assurance of data integrity, and authenticated denial of existence – the three elements necessary to increase the security of the Internet’s DNS infrastructure. With DNSSEC, internet users can know with certainty that they are at the correct site and that there is no man in the middle spying on them. Without DNSSEC there is a much higher risk of fraud, loss of confidentiality, and identity theft. FISMA Act encourages U.S. government agencies to configure their DNS servers to the DNSSEC security specifications set by the National Institute of Standards and Technology, and it has been reported that the federal government’s Office of Management and Budget (OMB) plans to begin enforcing DNSSEC requirements through an auditing process, setting the standard for DNS best practices. For more information about DNSSEC, visit

The Secure64 DNS Signer:

  • Deploys in days rather than months
  • Automates all key management activity securely
  • Offers compatibility with existing provisioning systems/slave architectures
  • Scales to millions of records and hundreds of thousands of zones
  • Supports highly dynamic environments with minimal signing latency
  • Utilizes a Genuinely Secure, Trusted Computing Platform

“Organizations that have been working to deploy DNSSEC are frustrated by the amount of time required to understand and implement it correctly, securely and in a way that is repeatable. Early adopters often devote several months or more to deploy DNSSEC by integrating open source tools, scripts, cryptographic hardware and homegrown code. Then they have to devote significant IT resources to ongoing maintenance and administration. Secure64 DNS Signer addresses the market’s need for a simple yet secure approach to deploying DNSSEC” said Mark Beckett, vice president of marketing, Secure64.

Beckett added, “This product solves the biggest remaining technical hurdles to broad-scale deployment of DNSSEC in the industry: signing DNS zones quickly and easily while ensuring the signing keys aren’t compromised. Overcoming these hurdles marks a major milestone in helping secure the Internet infrastructure around the world.”

According to Olaf Kolkman, CEO of NLnet Labs and chair of the Internet Architecture Board, “DNS is used in almost every situation where users want to access a service somewhere on the Internet, and DNSSEC provides protection of that utility.”

Secure64 DNS Signer simplifies the complex process of DNSSEC zone signing by automating all key generation, key rollover, and zone signing and resigning processes, and reduces risk by eliminating signing errors that make network resources unreachable. Secure64 DNS Signer also addresses the need to scale to extremely large, dynamic environments by providing both incremental and bulk zone signing with extremely high signing performance.

“DNSSEC is a critical topic for top level domain registries wishing to enhance the security of their domain,” said Ram Mohan, Chief Technology Officer at Afilias, one of the leading registry services provider in the world supporting over 13 million domains. “Secure64 has designed a product that promises to be secure and reliable.  We look forward to evaluating their DNS Signer solution, which we anticipate will provide efficiency and cost savings in the DNSSEC rollout for the registries that Afilias supports.”

Secure64 DNS Signer is priced starting at $14,995 and will be available in September 2008. For additional information, contact Secure64 at (303) 242-5890 or visit

About Secure64 Software Corporation

Headquartered in Greenwood Village, Colorado, Secure64® is a software developer providing secure, self-protecting, high performing server applications. Secure64’s core technology is SourceT®, a patent pending Genuinely Secure™ micro OS designed from the ground up to make the micro OS and any applications running on it immune to rootkits and malware and resistant to network attacks. Unlike conventional operating systems with insecure architectures, SourceT does not need to be hardened, patched and protected to minimize exposure to vulnerabilities. For more information,


Company Contact

Mark Beckett

Vice President, Marketing


(303) 242-5899

Press Contacts

Elisabeth Monaghan
Trippe and Company
(303) 514-8383

Rich Miller

Trippe and Company

(303) 539-6933