The US Cybersecurity and Infrastructure Security Agency (CISA) is taking over the administration of the .GOV top-level domain (TLD) as its new policy and management authority.
The DotGov Program operates the .GOV top-level domain (TLD) and makes such domains available to US government organizations, from local municipalities to federal agencies.
DotGov and its shared infrastructure were previously overseen by the US General Services Administration (GSA) for more than 20 years.
.GOV is US critical infrastructure
The move was prompted by .gov being seen as critical infrastructure since “it’s central to the availability and integrity of thousands of online services relied upon by millions of users.
“For those that use it, .gov is critical infrastructure: it’s central to the availability and integrity of thousands of online services relied upon by millions of users,” the announcement reads.
“Since it underpins communication with and within these institutions, all aspects of .gov’s administration have cybersecurity significance.”
CISA assuming governance over .gov from the US General Services Administration (GSA) happens under the ‘DOTGOV Act of 2020,’ part of the Consolidated Appropriations Act of 2021.
The bipartisan bill sponsored by US Senator Gary Peters was introduced in Senate on October 30, 2019, as the ‘DOTGOV Act of 2019,’ seeking, among other things, to provide CISA with the authority to manage the .gov TLD after assuming governance from the GSA.
The Department of Homeland Security’s cybersecurity unit is working on a user-centered platform for DNS management.
CISA also wants to provide other services that should help government organizations maintain the privacy, reliability, accessibility, and speed of .gov domains and better protect their systems from security threats.
Grants for .GOV migration
While currently, .gov domains have a price tag attached to the operation of the TLD, the price should change starting next year since Congress wants such domains to be “available at no cost or a negligible cost” to US govt organizations.
Additionally, Homeland Security Grants might also be made available for migrating government organizations’ to .gov infrastructure.
“For current .gov registrants, the transfer won’t impact use of the .gov registrar, which is where domains are managed, renewed, and where new domains can be requested,” the announcement adds.
“GSA and CISA are working together to ensure a seamless transition in day-to-day operations, which will be finalized by late April.”
The US gov also started requiring notarized signatures as part of the registration process for .gov domains beginning March 10, 2020.
This move was part of a more considerable effort designed to block unauthorized orgs and individuals from registering such domains to use them for mail and wire fraud schemes.
Source: https://www.bleepingcomputer.com/news/security/cisa-takes-over-gov-top-level-domain-tld-administration/