Internet Governance Project (IGP)
Subscribe
Twitter
Recent Article Posts
The "exceptional" status of IP address governance
US memo: ITU's Dubai meeting not likely to affect Internet Governance
We are all Internet exceptionalists now
ARIN propagandizes the bankruptcy bar
NPR story on ICANN and Internet governance: way off target
Recent Comments
Re: Re: The "exceptional" status of IP address governance
Re: Re: Re: Competition policy letters to ICANN part of a US-EC "plot"
Re: Competition policy letters to ICANN part of a US-EC "plot"
Re: The "exceptional" status of IP address governance
Re: Nortel, in bankruptcy, sells IPv4 address block for $7.5 million
Month Archive
November 2008
October 2008
September 2008
August 2008
July 2008
Year Archive
2012
2011
2010
2009
2008
2007
2006
2005
Login
User name:
Password:
Remember me 
US Department of Commerce stands in the way of DNS Security
by Dave Smiley
US Department of Commerce stands in the way of DNS Security In a move surely to raise eyebrows in the international community the US Department of Commerce, made clear [1] their intention to block efforts to completely secure key data by requiring sensitive keys to be transmitted to a third party before being published in final protected (signed) form. Their motivations, as well as the reasons for the intensity of their remarks, are unclear particularly given the minor nature of the proposed change and ICANN having already provided such functionality [2]. In fact the need for this change was envisioned and agreed to between VeriSign and ICANN some time ago [3]. As noted in [4] Commerce’s effective attempts to gag ICANN to discuss proposals leads one to further questions and concerns about transparency. DNSSEC will not only fix recently discovered DNS vulnerabilities but will become a secure platform for many future applications. Maintaining trust from TLD operator to signed root by minimizing any avenues for corruption or error, by protecting (DNSSEC signing) sensitive keys at the point where they are authenticated and validated, ensures the Internet and any new developments will be able to rely on the security of this platform into the distant future. Just because the specifics of the current approach to managing the root have worked for so many years doesn’t mean it couldn’t benefit from a minor change. That’s how we got to where we are now – holding back on changes until serious vulnerabilities are discovered and then trying to quickly secure the decades old DNS protocol. We should take this opportunity to be proactive – not reactive – and insist that the US government let the international community of Internet experts do their best in securing the DNS or - take it elsewhere. [1] last para http://www.ntia.doc.gov/comments/2008/ICANN_080730.html [2] last para http://www.circleid.com/posts/88183_pressing_need_for_a_signed_root/ [3] para 2 “Root Server Management Transition Completion Agreement 2006” [4] para 3 http://www.icann.org/correspondence/baker-to-twomey-09sep08.pdf
Post comment:
Format Type: 
  Convert newlines
  Receive comment notifications for this article
Subject: 
   
insert bold tags insert italic tags insert underline tags insert strikethough tags insert link insert blockquote tags
Comment: 
Comment verification:

Please enter the text you see inside the graphic to post your comment:
This blog does not allow anonymous comments. Please provide your username and password along with your comment.
Login information:
Username: 
Password: 
If you would like to post contact information on your comment, please enter your information into the optional fields below:
Contact information:
URL:  example: http://yourdomain.com
   
Help support our work
Make a secure, tax deductible donation online today.
What we're reading
Upcoming Events
View all Events
Who's Reading IGP Blog?
Internet Governance Project
c/o School of Information Studies, Syracuse University
Syracuse, NY USA 13244
p: +1.315.443.5616   e: info[at]internetgovernance.org

Creative Commons License | Privacy Statement