US government tightens control over .gov domain registration

Registering a .gov domain is about to get much more difficult as the U.S. government will soon begin requiring notarized signatures as part of the registration process starting March 10.

The reason behind this is to prevent wire and mail fraud that could lead to .gov domains, which are generally considered secure because they are registered by government agencies, from being registered by organizations or individuals not. authorized.

The United States General Services Administration (GSA) oversees the DotGov program that manages the .gov top-level domain (TLD) and makes these domains available to government organizations in the United States.

In an update to its website, DotGov explains why it will soon require notarized signatures to register a .gov domain, which reads:

“As of March 10, 2020, the DotGov program will begin requiring notarized signatures on all letters of authorization when submitting a request for a new .gov domain. This is a necessary security enhancement to prevent mail and wire fraud through signature forgery when obtaining a .gov domain. This step will help maintain the integrity of .gov and ensure that .gov domains continue to be issued only to official U.S. government organizations.

Registering .gov domains

In order to apply for a .gov domain, government organizations must prepare and send an authorization letter as well as complete an online form after receiving their .gov registrar account.

The authorization letter must use official letterhead and must also include a signature from an organization’s authorization authority in accordance with the DotGov program. However, as of March 10, this letter will need to be accompanied by a notarized signature to prevent organizations or individuals from registering a .gov domain without proper authorization.

The change in the way .gov domains are registered comes after independent security researcher Brian Krebs revealed in November last year that almost anyone can register a .gov domain using bogus information on the letter. authorization. However, if someone is caught doing so, they could be charged with wire or mail fraud.

The .gov domain was first created in 1985, and over the past 35 years, users have linked it to legitimate government websites, which is why DotGov’s new requirements make a lot of sense to help maintain the security of .gov sites.

Via BleepingComputer

Comments are closed.