Hacking-proof zone planned at ".secure"
Internet security specialists have applied for a ".secure" domain that they plan to turn into an online safe zone where bad guys aren't allowed.
San Francisco-based Artemis was awaiting word Friday from the Internet Corporation for Assigned Names and Numbers (ICANN) on whether it was approved to host websites with ".secure" addresses.
"We are creating a safe neighborhood where you know people follow the rules and you can rely on them to do things securely," Artemis chief technical officer Alex Stamos told AFP.
"There is not going to be typo squatting or malware... We are going to make it really air tight so even if you were in Syria the Syrian government couldn't hijack you."
Commonly available, but typically unused, technology tools for thwarting online hackers, viruses, snoops, spies and scammers will be mandatory at websites with .secure addresses.
"The idea is to make it effortlessly secure for individuals," Stamos said.
"In the end, the actual technical security tactics are things (websites) should be doing anyway. We are just making it a requirement."
Plans for .secure were part of an Internet domain name "revolution" that remained on hold due to a flaw that let some aspiring applicants peek at unauthorized information at the ICANN registration website.
ICANN intends to resume taking applications on May 22 from those interested in running new generic top-level domains (gTLDs) online, with the window staying open for about five days.
ICANN said that it has so far received 2,091 applications from 1,268 organizations, some of which are vying for the same word as the end to a domain name.
In January, ICANN began taking applications from those interested in operating Internet domains that replace endings such as .com or .org with nearly any acceptable words, including company, organization or city names.
Outgoing ICANN president Rod Beckstrom has championed the change as a "new domain name system revolution."
Shifty characters are bound to take advantage of the change by "squatting" on website addresses based on popular words or on common misspellings, according to Stamos.
"There are all kinds of shenanigans people pull with domain names," Stamos said.
"There will be all kinds of people squatting over the domain space and we are just not going to let that happen."
Businesses registering .secure websites will be required to verify their identity and accurately represent what they do.
"If you use the word 'bank' or 'brokerage,' you will have to prove that is what you are," Stamos said. "You can't just grab that domain and sit on it."
Those running .secure websites would need to install safeguards, such as data encryption and guard against viruses that could be passed on to visitors.
"If you launch a website and two days later there is malware on it, we are taking it down and you will have to come to us and explain," Stamos said.
Artemis did not disclose how much it planned to charge for .secure Web addresses, but expected the amount to be significantly more than the $13 or so typically charged for .com.
Registering a gTLD with ICANN costs $185,000 with a $25,000 annual fee after that.
Artemis, part of Britain-based NCC Group, also had to show ICANN that it could operate .secure for three years without taking in any revenue.
The hope was to have .secure among the first wave of new gTLDs, which are expected to go live on the Internet in the middle of next year.
"If companies go through a little bit of pain to run on .secure, in the end they have done themselves and their customers a great service," Stamos said.
"If you want to be lazy, you should not apply for a .secure domain."
More information about .secure was available online at artemis.net.
Artemis is also assembling an industry group to develop "domain policy framework" for making websites safer no matter what their addresses.