[Editors Note: Apologies for the belated writeup of an informative panel discussion on the implications of DNSSEC deployment and signing the root.]
“If you hold the [DNSSEC] keys you can decide who is the root zone file editor and who are the root servers. You hold the keys to the Internet kingdom.” – Paul Vixie
On May 17, 2007, IGP, George Mason University Law School's Critical Infrastructure Protection Program and the EPFL eGov program hosted a panel on DNS Security Extensions (DNSSEC) at the Swiss Embassy in Washington DC. Several recognized technical experts from the private sector, ICANN and the US government discussed the deployment of DNSSEC, and in particular the policy dimensions of digitally signing the Internet’s root zone file. The audience of nearly 80 people included Department of Commerce officials, US government contractors, policy-makers, public-interest advocates and graduate students. Moderated by Brenden Kuerbis of the Internet Governance Project, the panel included Paul Vixie (ISC), David Conrad (IANA), Scott Rose (US Department of Commerce-NIST), Matt Larson (VeriSign), and Thierry Moreau (Connotech). The discussion highlighted major technical challenges facing DNSSEC deployment, and the effects of root signing on tld zone operators and the Internet’s Domain Name System (DNS).