The Internet Corporation for Assigned Names and Numbers -- or ICANN, as it’s better known -- is responsible for managing the Internet’s domain name system. While much of its focus has been on new top-level domains, ICANN these days is busily ramping up the technology and its pitch for making the Internet more secure for its users.

At the group’s meeting this week in Brussels, Belgium, ICANN CEO Rob Beckstrom delivered a keynote address in which he stressed the critical role that ICANN plays in Internet security, in particular with DNSSEC. ICANN's DNSSEC message comes on the heels of the first Key-Signing-Key (KSK) ceremony for DNSSEC last week.

"ICANN's mission is to ensure a secure, stable and unified global Internet," Beckstrom said. "We must be an active catalyst for its defense. That means acknowledging that the DNS has weaknesses; no man-made system is invulnerable. It doesn't mean the system is weak -- in fact, it is highly decentralized and in many ways quite strong, but like every important facet of the Internet, it is under attack by miscreants with malicious intent."

Beckstrom added that ICANN's assumption is that security must always be improved as a matter of ensuring the vitality of the Internet. He also said that ICANN has an obligation to proactively identify and thoroughly analyze weaknesses, and then aggressively address them. That's where ICANN's DNSSEC activities aim to play a key role.

The effort comes amid an escalating backdrop of DNS-related stability scares. In the summer of 2008, security researcher Dan Kaminsky identified DNS as being at risk from a threat that could undermine the operation of the Internet as we know it. Steps have since been taken by the major router vendors to lock down vulnerable systems, but Beckstrom noted since the last ICANN meeting in Nairobi, Kenya, in March of this year, there have been global address-routing “anomalies” that have affected up to 10 percent of global addresses.

"ICANN cannot resolve these issues alone," Beckstrom said. "In recent weeks, I have reached out to those with the most immediate interest to reemphasize our desire to work together to confront these challenges."

One way that ICANN and industry stakeholders are looking to combat such challenges is with DNSSEC. During a panel session that followed the keynote, DNS creator Paul Mockapetris said the Internet is now in a transition era for DNSSEC as it moves toward gaining critical mass.

One of the issues that is accelerating the need for DNSSEC is the continued growth of high-speed networks, which make for more destructive DNS attacks. For instance, Mockapetris noted that for the DNS attacks uncovered by Kaminsky, slower networks are actually less vulnerable and less visible.

On the other hand, Mockapetris commented that he runs into people all the time that don't think they need DNSSEC because they have a 10-gigabit Ethernet (10 GbE) network.

"What that means is if you’ve got monkeys trying out passwords to break in, now you've got monkeys on steroids," Mockapetris said. "You know it doesn't make you safer. Speed kills in this arena and I think that's something that's not well understood."

Kaminsky, who was also on the panel, likewise advocated for rapid DNSSEC adoption. He said that there are very strong reasons why DNSSEC is a critical move for businesses to be making.

"I haven't historically been a backer of DNSSEC, I thought it was too much work for too little benefit," Kaminsky said. "In fact as an engineer, I though all of this work was too much work for too little benefit. I was wrong."

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.