No subject
Robert J. Berger
rberger at ibd.com
Sat Mar 31 05:27:12 PDT 2007
<dave at farber.net>
Subject: Department of Homeland and Security wants master key for DNS
Department of Homeland and Security wants master key for DNS
Monika Ermert, Craig Morris Heise Online
http://www.heise.de/english/newsticker/news/87655
The US Department of Homeland Security (DHS), which was created after
the attacks on September 11, 2001 as a kind of overriding department,
wants to have the key to sign the DNS root zone solidly in the hands
of the US government. This ultimate master key would then allow
authorities to track DNS Security Extensions (DNSSec) all the way
back to the servers that represent the name system's root zone on the
Internet. The "key-signing key" signs the zone key, which is held by
VeriSign. At the meeting of the Internet Corporation for Assigned
Names and Numbers (ICANN) in Lisbon, Bernard Turcotte, president of
the Canadian Internet Registration Authority (CIRA) drew everyone's
attention to this proposal as a representative of the national top-
level domain registries (ccTLDs).
At the ICANN meeting, Turcotte said that the managers of country
registries were concerned about this proposal. When contacted by
heise online, Turcotte said that the national registries had informed
their governmental representatives about the DHS's plans. A
representative of the EU Commission said that the matter is being
discussed with EU member states. DNSSec is seen as a necessary
measure to keep the growing number of manipulations on the net under
control. The DHS is itself sponsoring a campaign to support the
implementation of DNSSec. Three of the 13 operators currently work
outside of the US, two of them in Europe. Lars-Johan Liman of the
Swedish firm Autonomica, which operates the I root server, pointed
out the possible political implications last year. Liman himself
nomited ICANN as a possible candidate for the supervisory function.
The Internet Assigned Numbers Authority (IANA), which handles route
management within the ICANN, could be entrusted with the task of
keeping the keys. An ICANN/IANA solution would offer one benefit
according to some experts: there would be no need to integrate yet
another institution directly into operations. After all, something
must be done quickly if there is a problem with the signature during
operations. If the IANA retains the key, however, US authorities
still have a political problem, for the US government still reserves
the right to oversee ICANN/IANA. If the keys are then handed over to
ICANN/IANA, there would be even less of an incentive to give up this
role as a monitor. As a result, the DHS's demands will probably only
heat up the debate about US dominance of the control of Internet
resources.
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
Robert J. Berger - Internet Bandwidth Development, LLC.
Voice: 408-882-4755 eFax: +1-408-490-2868
http://www.ibd.com
-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/@now
Powered by Listbox: http://www.listbox.com
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list