DNSSEC and the issue of signing the root have been hot topics in Internet governance over the past year. Most recently, the IGP co-sponsored workshop at IGF-Rio saw several interested parties (see the workshop writeup) vigorously debating if the root should be signed. Perhaps anticipating that discussion, ICANN released a ccNSO survey of 61 ccTLD operators on DNSSEC just before IGF-Rio. It highlighted that the majority of interviewed operators preferred ICANN/IANA sign the root, but numerous other arrangements were identified as well. In Rio, the CEO of the largest ccTLD argued that deploying DNSSEC at the root entails making a decision about whether to dedicate trust to one or multiple entities. She and a representative of CGI.br openly expressed concern about a single entity controlling such a critical piece of the DNS.

In a promising sign that policy discussions regarding critical internet resources are responding to IGP advocacy and IG Forum discussions, the DNSSEC-Deployment group is now discussing options for distributing root signing authority. This turn in the debate shows that constructive criticism and discussion of DNSSEC governance arrangements can indeed lead to improvements, despite early resistance to even discussing the topic.   more »

The second Internet Governance Forum in Rio de Janeiro continued the slow but steady movement to clarify the critical Internet governance issues. The Forum discussed, for the first time, the initial issue that prompted the international focus on Internet governance, critical Internet resources. It also explored the other clusters that had been identified: openness, diversity, access and security and further refined these. But the main result, not as well noticed, is a growing recognition that the key issues have less to do with the clusters than with where they overlap and conflict.   more »

[Editors note: Below is a summary of discussions which will feed into a report on the "DNSSEC: Securing a Critical Internet Resource" workshop held at IGF-Rio on November 14th.]

This informative workshop, co-sponsored by the Internet Governance Project, CGI.br, and EuroISPA, drew approximately 80-90 attendees from government, civil society, the private sector and technical communities. While the multi-stakeholder panel brought a diversity of opinions regarding DNS Security Extensions (DNSSEC), they agreed that improving the security of the Internet’s infrastructure is an important activity which should be pursued.

In general, there are two camps concerning the deployment of DNSSEC, which is a technical standard that requires coordination among many actors to be successfully deployed on a wide-scale basis. One side is ready to proceed with deployment, particularly the hurdle of creating a “trust anchor” key and digitally signing the root zone file. The other is more cautious in its approach, believing that the successful deployment of DNSSEC is subject to many open technical and governance questions.   more »

It is quickly becoming apparent that an important function of the UN's Internet Governance Forum could be to serve as a long term clearinghouse for knowledge acquisition and assessment concerning Internet governance. Despite its structural imperfections, the IGF is becoming a magnet for the academic community to discuss Internet governance ideas. As such, it may be finding its role in the global Internet governance regime.   more »

The introduction of internationalized domain names (IDNs) offers the world one of the best opportunities it will ever have to introduce more diversity and competition into the domain name registry market. Unfortunately, the politics within ICANN are threatening that opportunity. There is a move afoot to give country code TLD registries a free gift of an IDN top level domain. Did I say "a" free gift? That implies only one. But as I will explain later, it may turn out to be two, or three, or maybe six or even twenty free gifts by the time ICANN's Governmental Advisory Committee and CCNSO gets done with it.   more »