For the fifth year running, the report of the Internet Resilience Observatory in France, written by the French National Agency for the Security of Information Systems (ANSSI) with the participation of Afnic, analyzes the resilience of the French Internet by studying two protocols, the Border Gateway Protocol (BGP) and the Domain Name System (DNS).
The Observatory encourages all Internet players to adopt the best engineering practices accepted for the BGP [3], DNS [4], and Transport Layer Security (TLS) protocols, and to anticipate the threat of Distributed Denial-of-Service (DDoS) attacks [5]. In addition, the Observatory makes the following recommendations:
- monitor prefix advertisements, and be prepared to react in case of hijacking;
- use algorithms supporting forward secrecy and abandon SSLv2 and SHA-1 in favor of more robust mechanisms;
- diversify the number of SMTP and DNS servers in order to improve the robustness of the infrastructure;
- pursue the deployments of IPv6, Domain Name System Security Extensions (DNSSEC), and Resource Public Key Infrastructure (RPKI) to develop skills and to anticipate possible operational problems.
The report was also presented at the 2016 edition of the Afnic Scientific Council Day on July 11 in Paris, with as its subject: “HTTPS measurements by the Internet Resilience Observatory in France: TLS compatibility and certificate compliance” by Guillaume Valadon and Maxence Tury, both from ANSSI.
About Afnic
Afnic is the acronym for Association Française pour le Nommage Internet en Coopération, the French Network Information Centre. The registry has been appointed by the French government to manage domain names under the .fr Top Level Domain. Afnic also manages the .re (Reunion Island), .pm (Saint-Pierre and Miquelon), .tf (French Southern and Antarctic Territories), .wf (Wallis and Futuna) and .yt (Mayotte) French Overseas TLDs.
In addition to managing French TLDs, Afnic’s role is part of a wider public interest mission, which is to contribute on a daily basis, thanks to the efforts of its teams and its members, to a secure and stable internet, open to innovation and in which the French internet community plays a leading role. As part of that mission, Afnic, a non-profit organization, has committed to devoting 11% of its Revenues from managing .fr Top Level Domain to actions of general interest, in particular by transferring €1.3 million each year to the Afnic Foundation for Digital Solidarity.
Afnic is also the back-end registry for the companies as well as local and regional authorities that have chosen to have their own TLD, such as .paris, .bzh, .alsace, .corsica, .mma, .ovh, .leclerc and .sncf.
Established in 1997 and based in Saint-Quentin-en-Yvelines, Afnic currently has nearly 90 employees.