Ram Mohan, BSc, MBA
The MIT Technology Review article A New Web of Trust: A protocol that could make the Internet more secure is finally being implemented said
A core element of the Internet that helps millions of computer systems locate each other is finally getting a much-needed upgrade. The domain name system (DNS) works a lot like the Internet’s phone book, translating the URLs that users type into a browser into the numerical addresses used to identify the servers that host the requested site.
Recently, this 30-year-old system has begun showing its age.
Last year, a team of high-profile security researchers raced to repair a critical flaw in DNS that made it possible to hijack legitimate communications, potentially directing unsuspecting Web surfers to malicious Web pages. The patch that the team came up with reduced the immediate danger but wasn’t meant to be a permanent solution.
For a long-term fix, many experts are now looking to DNSSEC, a protocol that verifies DNS messages with digital signatures. The Public Interest Registry, which handles the .org domain, is implementing DNSSEC across all Web addresses ending with this suffix, and it plans to complete the first phase of the process early this year. The U.S. government has committed to turning on DNSSEC for .gov as well, and the newly formed DNSSEC Industry Coalition is pushing to get the protocol adopted even more widely.
DNSSEC is about creating a “chain of trust,” adds Ram Mohan, CTO of Afilias, which has been working to help the Public Interest Registry handle its deployment. There are many places where DNSSEC must be switched on in order for the chain of trust to flow unbroken from the user to a website. Once a top-level domain (such as .org or .com) implements DNSSEC, any website under that domain can choose to turn on DNSSEC as well, which is an important link in the chain. Since Internet service providers such as Comcast have started supporting DNSSEC, Mohan says, it’s becoming possible for some website visits to fall largely under the protection of DNSSEC.
Mohan says that he’s hopeful that more domains will implement DNSSEC soon. “It’s about damn time that DNS got more secure,” he says. “The integrity of DNS traffic is starting to be questioned with the advent of phishing and botnets and stuff like that. Here is a concrete thing that can be done that is proven to eliminate a clear problem.”
Ram Mohan, BSc, MA is the Executive Vice President and Chief
Technology
Officer at
Afilias Limited. Afilias, based in Ireland with offices in
the US, Canada, India, UK and Germany, is the registry operator for the
.info and .aero domains, the registry services provider for the .org,
.mobi and .asia domains, India’s .in domain and 10 other sovereign
country domains (ccTLDs).
Ram is a recognized expert in
Internationalized Domain Names (IDNs) the effort to make domain names
work in scripts and languages other than ASCII/English. He was a
co-author of the IDN Guidelines that have been widely adopted by
registries worldwide, and has authored, edited or reviewed the majority
of ICANN IDN technical and policy documents. He is a member of the IDN
President’s Advisory Committee. He chaired the ICANN Working Group on
IDNs. He was an invited expert to the ICANN Reserved Names Working
Group. He now chairs the Security and Stability Advisory Committee SSAC
IDN Study Group.
Ram is one of the founding members of the ICANN Security & Stability
Committee (SSAC), and the ICANN Nominating Committee (NomCom). He has
served on the ICANN Whois task force, and is a member of the
DNSSEC-Deployment Working Group. Ram serves a liaison to the Board of
Directors of ICANN, appointed by SSAC.
He sits on several W3C (World Wide Web consortium) steering
committees, and is involved in the Mobile Web Initiative and
Internationalization efforts of the W3C.
Ram is involved in the Pan Localization project, a regional initiative
to develop local language computing capacity in Asia, and is a co-author
of a chapter on Internationalization in a forthcoming book on Asian
languages.
Ram is Afilias’ representative to the Unicode consortium, a non-profit
organization founded to develop, extend and promote use of the Unicode
Standard, which specifies the representation of text in modern software
products and standards. He participates in the Unicode South Asian
languages working group.
An active public speaker, he has delivered speeches on Internet
Security, Cybercrime, DDOS Attacks, Multilingualization, Digital Divide,
IDNs, DNSSEC, and Whois. He sits on the boards of various educational
and
leadership non-profit organizations in North America and Asia.
Ram is also involved in funding early stage entrepreneurs through
Charter membership in TiE, a global network of entrepreneurs &
professionals dedicated to the advancement of entrepreneurship.
He earned his BSc in Electrical Engineering at the
Manipal Academy of Higher Education, India in 1990. He earned his
MBA in Finance and Entrepreneurship at
Bharathidasan University, India in 1992.
He completed his
Certificate Program on Negotiation, Business Management at
Harvard Business School in 2001. He is currently finishing up his MSc
in Computer Science at Drexel University, Philadelphia.
Ram Mohan is the name that is framed by combining names of
HINDU Gods
RAMA and MOHAN (which also is the other name of Krishna), although in
the case of this Ram Mohan, “Ram” is really an abbreviation of his
longer Indian name, Cedarampattu, which is a homonym of his home town in
South India, Sedarampattu.
Watch
Ram Mohan – Keep the Core Neutral @ ICANN.