Ram Mohan, BSc, MBAThe MIT Technology Review article A New Web of Trust: A protocol that could make the Internet more secure is finally being implemented said
A core element of the Internet that helps millions of computer systems locate each other is finally getting a much-needed upgrade. The domain name system (DNS) works a lot like the Internet’s phone book, translating the URLs that users type into a browser into the numerical addresses used to identify the servers that host the requested site.
Recently, this 30-year-old system has begun showing its age.
Last year, a team of high-profile security researchers raced to repair a critical flaw in DNS that made it possible to hijack legitimate communications, potentially directing unsuspecting Web surfers to malicious Web pages. The patch that the team came up with reduced the immediate danger but wasn’t meant to be a permanent solution.
For a long-term fix, many experts are now looking to DNSSEC, a protocol that verifies DNS messages with digital signatures. The Public Interest Registry, which handles the .org domain, is implementing DNSSEC across all Web addresses ending with this suffix, and it plans to complete the first phase of the process early this year. The U.S. government has committed to turning on DNSSEC for .gov as well, and the newly formed DNSSEC Industry Coalition is pushing to get the protocol adopted even more widely.
DNSSEC is about creating a “chain of trust,” adds Ram Mohan, CTO of Afilias, which has been working to help the Public Interest Registry handle its deployment. There are many places where DNSSEC must be switched on in order for the chain of trust to flow unbroken from the user to a website. Once a top-level domain (such as .org or .com) implements DNSSEC, any website under that domain can choose to turn on DNSSEC as well, which is an important link in the chain. Since Internet service providers such as Comcast have started supporting DNSSEC, Mohan says, it’s becoming possible for some website visits to fall largely under the protection of DNSSEC.
Mohan says that he’s hopeful that more domains will implement DNSSEC soon. “It’s about damn time that DNS got more secure,” he says. “The integrity of DNS traffic is starting to be questioned with the advent of phishing and botnets and stuff like that. Here is a concrete thing that can be done that is proven to eliminate a clear problem.”
Ram Mohan, BSc, MA is the Executive Vice President and Chief
Afilias Limited. Afilias, based in Ireland with offices in
the US, Canada, India, UK and Germany, is the registry operator for the
.info and .aero domains, the registry services provider for the .org,
.mobi and .asia domains, India’s .in domain and 10 other sovereign
country domains (ccTLDs).
Ram is a recognized expert in Internationalized Domain Names (IDNs) the effort to make domain names work in scripts and languages other than ASCII/English. He was a co-author of the IDN Guidelines that have been widely adopted by registries worldwide, and has authored, edited or reviewed the majority of ICANN IDN technical and policy documents. He is a member of the IDN President’s Advisory Committee. He chaired the ICANN Working Group on IDNs. He was an invited expert to the ICANN Reserved Names Working Group. He now chairs the Security and Stability Advisory Committee SSAC IDN Study Group.
Ram is one of the founding members of the ICANN Security & Stability Committee (SSAC), and the ICANN Nominating Committee (NomCom). He has served on the ICANN Whois task force, and is a member of the DNSSEC-Deployment Working Group. Ram serves a liaison to the Board of Directors of ICANN, appointed by SSAC.
He sits on several W3C (World Wide Web consortium) steering committees, and is involved in the Mobile Web Initiative and Internationalization efforts of the W3C.
Ram is involved in the Pan Localization project, a regional initiative to develop local language computing capacity in Asia, and is a co-author of a chapter on Internationalization in a forthcoming book on Asian languages.
Ram is Afilias’ representative to the Unicode consortium, a non-profit organization founded to develop, extend and promote use of the Unicode Standard, which specifies the representation of text in modern software products and standards. He participates in the Unicode South Asian languages working group.
An active public speaker, he has delivered speeches on Internet Security, Cybercrime, DDOS Attacks, Multilingualization, Digital Divide, IDNs, DNSSEC, and Whois. He sits on the boards of various educational and leadership non-profit organizations in North America and Asia.
Ram is also involved in funding early stage entrepreneurs through Charter membership in TiE, a global network of entrepreneurs & professionals dedicated to the advancement of entrepreneurship.
He earned his BSc in Electrical Engineering at the Manipal Academy of Higher Education, India in 1990. He earned his MBA in Finance and Entrepreneurship at Bharathidasan University, India in 1992. He completed his Certificate Program on Negotiation, Business Management at Harvard Business School in 2001. He is currently finishing up his MSc in Computer Science at Drexel University, Philadelphia.
Ram Mohan is the name that is framed by combining names of HINDU Gods RAMA and MOHAN (which also is the other name of Krishna), although in the case of this Ram Mohan, “Ram” is really an abbreviation of his longer Indian name, Cedarampattu, which is a homonym of his home town in South India, Sedarampattu.
Watch Ram Mohan – Keep the Core Neutral @ ICANN.