Posts Tagged TLD
New gTLDs will support DNSSEC from the start
Posted by Mark Feldman in Uncategorized on January 12, 2012
Today is the first day ICANN is accepting applications for new generic top-level domains (gTLDs). The Applicant Guidebook makes it clear that all new gTLDs must support DNSSEC from the start. While the expansion of the TLD name space has been somewhat controversial, ensuring support for DNSSEC going forward has not been.
Steve Crocker, chairman of the board of ICANN, said:
The Board and the staff at ICANN have fully understood the importance of DNSSEC. ICANN signed the root in 2010 and has advocated all top level domains be signed. It is only natural that DNSSEC be required from the beginning for all new generic top level domains.
Report on DNSSEC administrative tools released:
Posted by Jeffrey Dewhurst in Uncategorized on January 4, 2010
Dot-SE (The Internet Infrastructure Foundation) has released a [now final] report it commissioned from independent IT security firm Certezza focused on the functionality of signing and key management tools. The report notes, “the product standard is good and the tested products work as expected.”
Deployment watch: Penn, dot-TM, VeriSign, Dyn and NamesBeyond
Posted by Jeffrey Dewhurst in Adoption on December 3, 2009
Help this newsletter stay up-to-date on your organization’s deployment news by submitting information about your DNSSEC deployment deadlines, test beds or other progress to <[email protected]>. This month’s updates include:
* University of Pennsylvania first U.S. university to deploy: The University of Pennsylvania announced it is the first U.S. university to implement DNSSEC across the entire institution. Shumon Huque, a Penn IT technical director, also is working with EDUCAUSE to secure the dot-EDU top-level domain “Higher education can take a leadership role in securing the DNS,” Huque said. “If a few universities in advanced networking adopt DNSSEC and share experiences, we can make broad deployment more straightforward for the larger community.”
* Turkmenistan announces DNSSEC deployment: Turkmenistan’s dot-TM domain registry has launched DNSSEC. While not a trademark registry, it encourages trademark owners to register dot-TM names.
* VeriSign launches boot camp, tools and training to aid DNSSEC deployment: VeriSign has created a technical “boot camp” program to train registrars, ISPs and larger registrants in DNSSEC assessment and implementation. The effort also includes an interoperability lab that will allow vendors to evaluate how their equipment works with DNSSEC. Network and computing equipment manufacturers also are being invited to VeriSign to review how DNSSEC will work with their equipment when DNSSEC is implemented in the .com and .net TLDs. VeriSign has announced it will deploy DNSSEC in the dot-COM and dot-NET domains by early 2011 and is working with EDUCAUSE on DNSSEC deployment in the dot-EDU domain.
* Dyn, Inc. reports on testing with dot-ORG: Dyn, Inc. published resources and updates about its testbed and other preparations for deploying DNSSEC for dot-ORG zones registered with the company.
* NamesBeyond has embedded support for DNSSEC. They offer DNSSEC management and configuration, allowing customers to configure DNSSEC parameters such as key type, size, validity period, supporting both NSEC and NSEC3 parameters.
Sponsored By
Recent Comments