VeriSign to put more backbone into the Net

Over the next year, VeriSign aims to place additional replicas of one of its Domain Name System root servers--the "J"--in up to 100 data centers around the world, Aristotle Balogh, VeriSign's senior vice president of operations and infrastructure, said in an interview with CNET News.com on Thursday. The company runs two of the DNS root servers--the "A" is the other--that form an essential part of the Internet's naming system.

Ultimately, VeriSign intends to have machines handling traffic sent to the "J" DNS server in more than 200 additional locations, a shift from its original strategy of having a few servers in several data centers at key Internet hubs. The company currently runs "J" replicas in 18 facilities, Balogh said at VeriSign's annual financial analyst event here.

"This expansion provides redundancy and reliability, and specifically deals with the increasing attacks we have out there," he said.

The extra DNS servers could make the Internet infrastructure more resilient because even if some machines are downed by a hacker attack, for instance, others will still function.

VeriSign is not the only organization to run DNS root servers on multiple systems. There are 13 official root servers, which are currently run on about 80 different physical servers, Balogh said.

"We are going to triple that," he said.

DNS servers are a critical part of Internet infrastructure. The servers translate text-based domain names, such as "News.com," into the actual numeric IP addresses of servers connected to the Internet, and vice versa. If part of the DNS system goes down, Web sites could become unreachable and e-mail could become undeliverable.

VeriSign plans to use its expanded infrastructure not only for DNS, but also for its other services, such as SSL (Secure Sockets Layer) certificate verification, commonly used in online commerce to secure transactions. This could make the Web-browsing experience faster, especially in the future, when certificate validations are likely to become more important, Balogh said.

"We will be closer to the user on the network, so it won't take as long to get a response," Balogh said. "I want to be less than 50 milliseconds away from 90 percent of the world's online users."

The new locations will be around the world, in places including Cape Town, South Africa; Taipei, Taiwan; Hong Kong; Madrid, Spain; Warsaw, Poland; and Sao Paulo, Brazil, as well as in unspecified cities in the Middle East. Rather than filling an entire data center or placing large servers in the new locations, VeriSign plans to fill only about half a standard server rack with hardware, Balogh said.

VeriSign, based in Mountain View, Calif., has set goals to expand its business internationally, company executives said at Thursday's analyst meeting. As it grows, the company plans to use its expanded infrastructure to deliver its other products and services to customers, Balogh said.

In addition to operating Internet domains and providing SSL certificates, the company manages security services for enterprises and offers content for mobile phones through its Jamba and Jamster products.

And VeriSign is eying more markets. CEO Stratton Sclavos announced in a presentation Thursday that VeriSign wants to provide infrastructure products to manage the increasing amount of Really Simple Syndication and Atom traffic generated by blogs and other sites on the Web.

VeriSign plans to provide feed, content and identity management products when it comes to RSS and Atom feeds. These products should help prevent RSS and Atom from being abused for spam, phishing and other common Internet-based threats, VeriSign executives said. The company has yet to give details of its product plans.

At 10 years old, VeriSign is only just maturing, Sclavos said. "We are just getting out of our childhood and getting into our adolescence," he said.