US Government Strengthens .gov Domain Registration Verification
Registering a .gov domain is about to get much more difficult as the US government will soon begin requiring notarized signatures as part of the registration process starting March 10.
The reason behind this is to prevent wire and mail fraud that could lead to .gov domains, which are generally considered safe because they are registered by government agencies, from being registered by unauthorized organizations or individuals. .
The United States General Services Administration (GSA) oversees the DotGov program which operates the .gov top-level domain (TLDs) and makes these domains available to government organizations in the United States.
In a update on their website (opens in a new tab)DotGov explains why notarized signatures will soon be required to register a .gov domain, which reads:
“As of March 10, 2020, the DotGov program will begin requiring notarized signatures on all authorization letters when submitting an application for a new .gov domain. This is a security enhancement needed to prevent email and electronic signature forgery fraud when obtaining a .gov domain. This step will help maintain the integrity of .gov and ensure that .gov domains continue to be assigned only to official US government organizations.
Registering .gov domains
In order to apply for a .gov domain, government organizations must prepare and submit an authorization letter and complete an online form after receiving their .gov registration account.
The authorization letter must use official letterhead and must also include a signature of an organization’s authorization authority as per the DotGov program. However, starting March 10, this letter will need to be accompanied by a notarized signature to prevent organizations or individuals from registering a .gov domain without the proper authorization.
The change to how .gov domains are registered comes after an independent security researcher Brian Krebs revealed in November last year that almost anyone can register a .gov domain (opens in a new tab) using false information on the authorization letter. However, if someone is caught doing so, they could be charged with wire or mail fraud.
Going through BeepComputer (opens in a new tab)