Archive for category Uncategorized
Root zone KSK practice statement issued
Posted by Denise Graveline in Uncategorized on June 15, 2010
A DNSSEC Practice Statement for the root zone key signing key manager (KSK) detailing “practices and provisions that ICANN, on behalf of the U.S. Department of Commerce (DoC), employ in providing Root Zone Key Signing and Key Distribution services,” another step toward signing the root zone this summer.
First key ceremony set for tomorrow
Posted by Denise Graveline in Uncategorized on June 15, 2010
ICANN detailed the first production DNSSEC key ceremony in a high security data center in Culpeper, VA, outside of Washington, DC, pictured here. The ceremony takes place tomorrow, June 16, and is designed to demonstrate the transparency and trust needed to secure the domain name system. The ICANN article describes the process that will be followed tomorrow:
During the key ceremony the first cryptographic digital key used to secure the Internet root zone will be generated and securely stored.
Each key ceremony consists of a series of detailed procedures designed to allow the private key material for the root zone to be managed in a transparent yet secure manner. The goal is for the whole Internet community to be able to trust that the procedures involved were executed correctly, and that the private key materials are stored securely.
Security of the private key is important because it ensures that any signature made by that key is known to originate from a legitimate key ceremony, and not by an untrusted third party.
Can .gov trust .com? asks GCN
Posted by Denise Graveline in Uncategorized on June 15, 2010
Government Computer News reported earlier this month on the islands of trust in the chain of DNS security as deployment moves forward, including interviews with Initiative partners Scott Rose of the National Institute of Standards and Technology, and Shinkuro CEO Steve Crocker. Crocker noted, “We are in the early days of deployment…We have some early adoption, and things are well on their way but still far away from the end point.” The article examines the progress of DNSSEC deployment in the U.S. federal government as well as the commercial, nonprofit and education sectors.
APNIC starts third phase of DNSSEC deployment
Posted by Denise Graveline in Uncategorized on June 11, 2010
APNIC, which provides Internet addressing services to the Asia Pacific region, is now in phase three of its DNSSEC deployment, in which it will introduce its members’ DNSSEC data. In previous phases, the group conducted a DNSSEC platform test and signed its zones. In the new phase, the announcment notes, members can “enable DNSSEC protection to their reverse zones by registering Delegation Signer (DS) resource records to their parent zone data that is stored in APNIC’s name servers. The phase 3 addition to MyAPNIC’s reverse delegation screen is an optional field that allows Members to enter the DS record when they are ready to implement DNSSEC.”
NTIA issues report, signals intent to complete root zone signing
Posted by Denise Graveline in Uncategorized on June 8, 2010
The National Telecommunications and Information Administration of the U.S. Department of Commerce has published notice in the Federal Register (PDF) today announcing that its testing and evaluation report on DNSSEC is available, and indicating the agency intends to proceed “with the final stages of DNSSEC deployment in the authoritative root zone.” The public is invited to review and comment on the report and the final steps in signing the root zone. Comments will be posted on the agency’s website.
DNSSEC deployed in .US; .BIZ shortly to follow, Neustar says
Posted by Denise Graveline in Uncategorized on June 7, 2010
Neustar announced today that DNSSEC has been deployed in the .US zone, and says that it is ready to accept Delegation Signer records. The .BIZ zone will be signed next, with DS record accepted as early as July 15, 2010. As a result, it will be “the second gTLD to be fully DNSSEC-enabled.”
Update – The .BIZ domain was signed on August 7, 2010.
First root zone KSK ceremony set
Posted by Denise Graveline in Uncategorized on June 4, 2010
CircleID reports on details of the first ICANN key signing key ceremony — at which ” first root zone KSK will be initialised and the first production KSR will be processed” — to be held June 16 in Culpeper, Virginia. The post notes:
…since this event has generated significant interest, we have made additional space available in an adjacent room for observers who wish to attend the event. Observers will be able to watch the proceedings within the ceremony room in real-time using a closed-circuit audio-visual feed from the ceremony room, and staff will be available to answer questions those attending might have about what they are seeing.
TERENA Networking Conference features June 3 DNSSEC session
Posted by Denise Graveline in Uncategorized on June 1, 2010
A half-day workshop on DNSSEC is scheduled for Thursday, June 3, at the TERENA Networking Conference, TNC 2010, in Lithuania. Starting at 1:30 local time/MET, the workshop panelists will examine an introduction to DNSSEC, open source and commercial solutions, and hands-on experiences. Go here for a live video and audio stream, and a recording will be available after the event. A Google Wave also will be available for remote participation.
InfoWorld CTO 25 Awards cite Mohan for DNSSEC leadership
Posted by Denise Graveline in Uncategorized on June 1, 2010
InfoWorld’s 2010 CTO 25 Awards include Ram Mohan of Afilias for his leadership in DNSSEC deployment. Mohan’s citation notes the work Afilias has done on behalf of the Public Interest Registry and .org, and says that he:
…set the strategy and architected the deployment of DNSSec at PIR allowing for all 7.5 million .org domain names to be accessed without being hijacked on the Internet. Mohan has also established a technology strategy to support the rollout of DNSSec for the other top-level domains in 10 countries, and for the global top-level domain registries that Afilias supports, which together account for more than 15 million domains. This has set a standard for DNSSec deployment worldwide.
Packed agenda for DNSSEC workshop at ICANN Brussels meeting
Posted by Denise Graveline in Uncategorized on June 1, 2010
A packed agenda is planned for the DNSSEC Workshop at the ICANN Meeting in Brussels, Belgium, to be held Wednesday, 23 June 2010 from 9:00 a.m. to 1:30 p.m. (local time). The discussion will include such topics as DNSSEC deployment around the world, operational Issues with DNSSEC, using data and getting it out, tool development, and activities from the region. The session, which comes shortly after the expected signing of the root zone, also will include an update on that topic.
-
You are currently browsing the archives for the Uncategorized category.
Sponsored By
Recent Comments