US Department of Homeland Security demanding DNS Masterkey April 2
As some of you probably already heard from the news the DHS demanded his claim for the upcoming DNSSEC masterkey. This throws up several questions about aplomb of ICANN and IANA once again.
I have to say that i was also not really thinking about that issue much in my time before participating in ORSN. But which came up as a simple operator job for a DNS server worked out as a big political thing. More on this later.
Latest trends should bring all other nations in an alarm state. Fact is, if one country should ever be capable of this key it’s the country that controls the root zone itself. As recently shown ICANN is not doing quite well with legal issues on basis of privately held firms - so for me this questions how they do with governments? I personally would see it as best solution if this would go to a neutral authority (UN is one example) or maybe they would take the path the ITU did (if still possible) once.
So what does this mean for the Open Root Server Network? Well, several things. We are currently working on our approach to bring in DNSSEC to the root zone. As some of you might ask - what’s the big deal? Clearly said it’s not the technical aspect.
- There is still an open question about zone traversal and DNSSEC. As DNSSEC in the root zone would close the last gap in the hierachy this should be considered.
- Holding keys securely and still available for the signing work is an important thing to work on.
- Get people to use the functions is absolutely necessary. So a lot of lobbying work has to be done.