Latest news of the domain name industry

Recent Posts

US government requests root DNSSEC go-ahead

Kevin Murphy, June 7, 2010, 20:36:26 (UTC), Domain Tech

The National Telecommunications and Information Administration, part of the US Department of Commerce, has formally announced its intent to allow the domain name system’s root servers to be digitally signed with DNSSEC.

Largely, I expect, a formality, a public comment period has been opened (pdf) that will run for two weeks, concluding on the first day of ICANN’s Brussels meeting.

NTIA said:

NTIA and NIST have reviewed the testing and evaluation report and conclude that DNSSEC is ready for the final stages of deployment at the authoritative root zone.

DNSSEC is a standard for signing DNS traffic using cryptographic keys, making it much more difficult to spoof domain names.

ICANN is expected to get the next stage of DNSSEC deployment underway next week, when it generates the first set of keys during a six-hour “ceremony” at a secure facility in Culpeper, Virginia.

The signed, validatable root zone is expected to go live July 15.

Tagged: , , ,

Comments (1)

  1. Jim Fleming says:

    The current DNSSEC ICANN “Theatrics” are comical.

    The [True Internet Architecture] is NOT high-security data-centers with Check-Point Charlie driveways.

    Savy ISPs and developers long ago gave up on
    those “root servers” ICANN is securing in Fort Knox.

    It is interesting to see ICANN claiming to be planning for
    competition for Verisign from one side of their mouth while partnering with the U.S. Government and Verisign
    from the other side.

    The theatrics are reminiscent of the days when Network
    Solutions (pre-Verisign) would apparently hire armed
    guards on days when noobs were visiting. It was all
    show.

Add Your Comment