No subject

Robert J. Berger rberger at ibd.com
Sat Mar 31 05:27:12 PDT 2007 

<dave at farber.net>
Subject: Department of Homeland and Security wants master key for DNS

Department of Homeland and Security wants master key for DNS

Monika Ermert, Craig Morris Heise Online

http://www.heise.de/english/newsticker/news/87655

The US Department of Homeland Security (DHS), which was created after  
the attacks on September 11, 2001 as a kind of overriding department,  
wants to have the key to sign the DNS root zone solidly in the hands  
of the US government. This ultimate master key would then allow  
authorities to track DNS Security Extensions (DNSSec) all the way  
back to the servers that represent the name system's root zone on the  
Internet. The "key-signing key" signs the zone key, which is held by  
VeriSign. At the meeting of the Internet Corporation for Assigned  
Names and Numbers (ICANN) in Lisbon, Bernard Turcotte, president of  
the Canadian Internet Registration Authority (CIRA) drew everyone's  
attention to this proposal as a representative of the national top- 
level domain registries (ccTLDs).

At the ICANN meeting, Turcotte said that the managers of country  
registries were concerned about this proposal. When contacted by  
heise online, Turcotte said that the national registries had informed  
their governmental representatives about the DHS's plans. A  
representative of the EU Commission said that the matter is being  
discussed with EU member states. DNSSec is seen as a necessary  
measure to keep the growing number of manipulations on the net under  
control. The DHS is itself sponsoring a campaign to support the  
implementation of DNSSec. Three of the 13 operators currently work  
outside of the US, two of them in Europe. Lars-Johan Liman of the  
Swedish firm Autonomica, which operates the I root server, pointed  
out the possible political implications last year. Liman himself  
nomited ICANN as a possible candidate for the supervisory function.

The Internet Assigned Numbers Authority (IANA), which handles route  
management within the ICANN, could be entrusted with the task of  
keeping the keys. An ICANN/IANA solution would offer one benefit  
according to some experts: there would be no need to integrate yet  
another institution directly into operations. After all, something  
must be done quickly if there is a problem with the signature during  
operations. If the IANA retains the key, however, US authorities  
still have a political problem, for the US government still reserves  
the right to oversee ICANN/IANA. If the keys are then handed over to  
ICANN/IANA, there would be even less of an incentive to give up this  
role as a monitor. As a result, the DHS's demands will probably only  
heat up the debate about US dominance of the control of Internet  
resources.


bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
Robert J. Berger - Internet Bandwidth Development, LLC.
Voice: 408-882-4755 eFax: +1-408-490-2868
http://www.ibd.com




-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/@now
Powered by Listbox: http://www.listbox.com

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820            http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list