US Govt Starts Moving on Net Security Hole

Starting Thursday morning, the U.S. government is seeking comment on who should create and vouch for the internet’s most crucial document — the root zone file, reports Wired. The article notes that ICANN, VeriSign and the Commerce Department all have different answers to this “long-standing, and geopolitically charged internet governance question.”But it is the speed of obtaining the answer is the key for the security of the internet according to Paul Vixie.”We’ve got to get the root signed, it does not matter by whom,” Vixie said by e-mail. “It’s necessary simply that it be done, by someone, and that we stop anyone from arguing about whether letting someone hold the root key would make them king.”The security of the internet was addressed by NTIA Acting Assistant Secretary Meredith Baker who said this week, “The United States remains committed to preserving the security and stability of the Internet DNS and in light of existing and emerging threats, the time is ripe to consider long-term solutions, such as DNSSEC.”A proposal by ICANN for it to take over the role of signing the root and approving changes, currently submitted to the NTIA for approval, is somewhat controversial as “changing [the] system could be perceived as reducing U.S. control over the net.” However VeriSign sees it differently and in its proposal suggests that its role be enlarged. Under its proposal, “the root zone file will be signed using keys it distributes to the root server operators and if enough of them sign the file, then it is considered official,” reports Wired.To read this Wired article in full, see blog.wired.com/27bstroke6/2008/10/feds-take-step.html.The speech by NTIA Acting Assistant Secretary Meredith Attwell Baker to the French-EU Presidency Conference titled the Internet of Things – Internet of the Future is available from www.ntia.doc.gov/speeches/2008/Baker_EU_081007.html.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.