Perhaps it's summertime blues, DNSSEC-fatigue, or simply recognition of fait accompli, but the comment period for NTIA's notice of intent to proceed with the final stages of Domain Name System Security Extensions (DNSSEC) implementation in the authoritative root zone has passed with only a handful of comments submitted. (although there seems to be some fishing going on for support) Root server operator Autonomica, registry operators Nominet and Neustar, AT&T, as well as Paypal and Connotech were generally supportive of the action and congratulatory toward NTIA, VeriSign and ICANN. However, one commenter criticized that the “US government crypto culture tainted the detailed arrangements.” Paypal offered its support, but with a caveat, saying
We endorse DNSSEC Implementation in the Authoritative Root Zone with the proviso that this is not viewed as an end state but rather a “final stage” of “an interim approach to meet a pressing need”. We are certain that NTIA recognizes security of the Internet is an ongoing process requiring continual review and periodic change.
As stated in our comments to the original Notice of Inquiry, we remain convinced that “vesting control of root zone signing in one entity is too tempting an attack target and too subject to political pressure from a single government or entity.” We continue to believe that some form of M-of-N signing is a preferred longer-term mechanism, and encourage NTIA to work with the Internet community to further develop such an approach.
We're not too optimistic about such a change once the process is in place. ICANN, NTIA and VeriSign plan to sign the root on July 15.
Read all the comments.
Unfortunately this particular type of implimentation of DNSSEC is dependant of third party 'look aside' servers which may or may not be updated to proper status. Ergo seems that yet another layer of trust or lack there of will soon exist and will at some point be recognized and exposed more fully in due time.
The National Institute of
Standards and Technology (NIST), the
National Telecommunications and
Information Administration (NTIA), and
the International Trade Administration
(ITA), on behalf of the U.S. Department
of Commerce (Department), will hold a
public meeting on July 27, 2010, to
discuss the relationship between
cybersecurity in the commercial space
and innovation in the Internet economy.
DATES: The meeting will be held on July
27, 2010, from 9 a.m. to 4:45 p.m.,
Eastern Daylight Time. Registration will
begin at 8:30 a.m.
I would like to thank you for sharing the information. Its really helpful for me.
yawn
Now for DNSSEC De-Bugging
DN$$EC
https://lists.dns-oarc.net/pipermail/dns-operations/2010-July/date.html
IETF experts can't make DNSSEC work?
http://www.ietf.org/mail-archive/web/ietf/current/msg62546.html
Oh, you want DNSSEC to work ?
Ah, that will cost another 100 million $$$$
How is ICANN spending your money?
http://www.icannwatch.com/
Over a year with the new ICANN CEO.
Over a million dollars in salary and perks.
That does not include new offices in tony & cluby Palo Alto.
Amazing transparency. Over one year and not one
investigative journalism article on how the new CEO
was parachuted into the position?
Why pay an executive recruiter when they are all Ira's business partners?
ICANN's Finances
$58 million dollars per year !! for what ?
http://blog.icann.org/