Perhaps it's summertime blues, DNSSEC-fatigue, or simply recognition of fait accompli, but the comment period for NTIA's notice of intent to proceed with the final stages of Domain Name System Security Extensions (DNSSEC) implementation in the authoritative root zone has passed with only a handful of comments submitted. (although there seems to be some fishing going on for support) Root server operator Autonomica, registry operators Nominet and Neustar, AT&T, as well as Paypal and Connotech were generally supportive of the action and congratulatory toward NTIA, VeriSign and ICANN. However, one commenter criticized that the “US government crypto culture tainted the detailed arrangements.” Paypal offered its support, but with a caveat, saying
We endorse DNSSEC Implementation in the Authoritative Root Zone with the proviso that this is not viewed as an end state but rather a “final stage” of “an interim approach to meet a pressing need”. We are certain that NTIA recognizes security of the Internet is an ongoing process requiring continual review and periodic change.
As stated in our comments to the original Notice of Inquiry, we remain convinced that “vesting control of root zone signing in one entity is too tempting an attack target and too subject to political pressure from a single government or entity.” We continue to believe that some form of M-of-N signing is a preferred longer-term mechanism, and encourage NTIA to work with the Internet community to further develop such an approach.
We're not too optimistic about such a change once the process is in place. ICANN, NTIA and VeriSign plan to sign the root on July 15.
Read all the comments.