ICANN to Nairobi
Posted by Jeffrey Dewhurst in Meetings and Workshops on December 4, 2009
ICANN to Nairobi: ICANN’s 37th meeting will be held in Nairobi, Kenya, March 7-12, 2010.
DNSSEC deployment to be featured at FOSE 2010
Posted by Jeffrey Dewhurst in Meetings and Workshops on December 4, 2009
DNSSEC deployment to be featured at FOSE 2010: A special presentation, “What’s Next in DNSSEC: Securing the Domain Name System” will be presented at FOSE, the conference and exhibition for the U.S. government IT community, on Wednesday, March 24, 2010 from 10:30 a.m. to 4:30 p.m. Registration for the session will begin in November 2009 and is open to all FOSE and GovSec/U.S. Law attendees; pre-registration is required for the session, which is free. The day-long session will assess the U.S. federal response to securing its domains; examine challenges faced by agencies deploying DNSSEC; and share lessons learned and next steps as DNSSEC is deployed in other sectors. Software and hardware naming solutions also will be presented to update participants on available options for automating or easing deployment challenges. The session is organized by the DNSSEC Deployment Coordination Initiative and supported by the U.S. Department of Homeland Security. To exhibit in the DNSSEC Pavilion at FOSE, contact Don Berey, Show Director at 703-876-5073 or send him an email at [email protected].
ENISA, the European Network and Information Security Agency, has issued a report, “Study on the costs of DNSSEC Deployment”
Posted by Jeffrey Dewhurst in Case Studies on December 4, 2009
ENISA, the European Network and Information Security Agency, has issued a report, “Study on the costs of DNSSEC Deployment”: The purpose of the report is to study the costs of DNSSEC deployment, assess the required changes of roles required by DNSSEC deployment, and analyze the investments that deployment of DNSSEC would require. The study concludes, among its many findings, that the cost of deployment will be lowest among pure registrars and higher for registries and zone operators.
ICANN releases DNSSEC policy and practices
Posted by Jeffrey Dewhurst in Policy on December 4, 2009
ICANN releases DNSSEC policy and practices: The latest version of ICANN’s DNSSEC Policy and Practice Statement for the root-zone key-signing key operator, codifying practices for management and issuing of DNS keys in keeping with U.S. Department of Commerce requirements, as well as other documents related to DNSSEC in the root can be found at the root-dnssec documentation page.
Infoblox study shows tripling of DNSSEC adoption
Posted by Jeffrey Dewhurst in Adoption on December 4, 2009
Infoblox study shows tripling of DNSSEC adoption: Government Computer News notes that a recent Infoblox and Measurement Factory study of domain name servers on the Internet found a tripling of zones signed with DNSSEC, based on a sample of 5 percent of the Internet’s IPv4 address space. From the article: “The scan showed that the number of zones signed using DNSSEC—the DNS Security Extensions—jumped from 45 to 167 in the past year. ‘The [DNSSEC] numbers in an absolute sense are small,’ [Infoblox Vice President for Architecture Cricket] Liu said. ‘But people do seem to be interested in it. It’s catching on’.”
Dot-ORG documents “the DNSSEC groundswell”
Posted by Jeffrey Dewhurst in Adoption on December 4, 2009
Dot-ORG documents “the DNSSEC groundswell”: A blog post from dot-ORG, the Public Interest Registry, details the “groundswell” of progress toward DNSSEC deployment, from major steps such as the U.S. federal government mandate for agencies to deploy DNSSEC to PayPal’s support for the security extensions.
Deployment watch: Penn, dot-TM, VeriSign, Dyn and NamesBeyond
Posted by Jeffrey Dewhurst in Adoption on December 3, 2009
Help this newsletter stay up-to-date on your organization’s deployment news by submitting information about your DNSSEC deployment deadlines, test beds or other progress to <[email protected]>. This month’s updates include:
* University of Pennsylvania first U.S. university to deploy: The University of Pennsylvania announced it is the first U.S. university to implement DNSSEC across the entire institution. Shumon Huque, a Penn IT technical director, also is working with EDUCAUSE to secure the dot-EDU top-level domain “Higher education can take a leadership role in securing the DNS,” Huque said. “If a few universities in advanced networking adopt DNSSEC and share experiences, we can make broad deployment more straightforward for the larger community.”
* Turkmenistan announces DNSSEC deployment: Turkmenistan’s dot-TM domain registry has launched DNSSEC. While not a trademark registry, it encourages trademark owners to register dot-TM names.
* VeriSign launches boot camp, tools and training to aid DNSSEC deployment: VeriSign has created a technical “boot camp” program to train registrars, ISPs and larger registrants in DNSSEC assessment and implementation. The effort also includes an interoperability lab that will allow vendors to evaluate how their equipment works with DNSSEC. Network and computing equipment manufacturers also are being invited to VeriSign to review how DNSSEC will work with their equipment when DNSSEC is implemented in the .com and .net TLDs. VeriSign has announced it will deploy DNSSEC in the dot-COM and dot-NET domains by early 2011 and is working with EDUCAUSE on DNSSEC deployment in the dot-EDU domain.
* Dyn, Inc. reports on testing with dot-ORG: Dyn, Inc. published resources and updates about its testbed and other preparations for deploying DNSSEC for dot-ORG zones registered with the company.
* NamesBeyond has embedded support for DNSSEC. They offer DNSSEC management and configuration, allowing customers to configure DNSSEC parameters such as key type, size, validity period, supporting both NSEC and NSEC3 parameters.
Recent Comments