- About
- Case Studies
- Guidelines
- Learning Center
- Working Group
- DNSSEC This Month
- Roadmap
Czech Republic passes 87,000 DNSSEC-signed domains
Posted by Graveline in Uncategorized on March 11, 2010
CZ.NIC, the registry for the Czech Republic, has announced that 70,000 additional .CZ zones now have been signed, bringing the registry’s total past 87,000 DNSSEC-signed zones as of the time of the announcement. A counter placed at the bottom of the CZ.NIC homepage shows more than 95,000 zones signed as of this writing. As a result, the Czech registry is “largest registry in the world that registers domains protected in this way.”
Video: Steve Crocker sums up DNSSEC momentum from ICANN Nairobi meeting
Posted by Graveline in Uncategorized on March 11, 2010
In this video interview, Gray Chynoweth, vice president of business operations for Dyn Inc. interviews Initiative partner Steve Crocker, CEO of Shinkuro Inc., at ICANN 37 in Nairobi, Kenya.
ICANN Nairobi DNSSEC workshop now available online
Posted by Graveline in Uncategorized on March 10, 2010
Today’s DNSSEC Workshop at the ICANN Nairobi meeting is now available online, with presentations and transcripts. The meeting also included live options for remote participants, which are now closed. Click on the presentation links below to see more about these topics covered in the session:
.ORG DNSSEC
DNSSEC Deployment Update
DNSSEC Deployment in Europe
AfTLD DNSSEC Survey
Open DNSSEC
Overview of Open Source Tools for DNSSEC
Rollover and Die?
DNS/DNSSEC and Domain Transfers: Are They Compatible?
DNSSEC for the Root Zone
.uk now DNSSEC signed
Posted by Graveline in Uncategorized on March 8, 2010
In this post on Twitter, Nominet IT director Simon McCalla announces that .uk is now signed.
Updated program on DNSSEC at FOSE
Posted by Graveline in Uncategorized on March 5, 2010
We’ve updated the program for the daylong session “What’s Next in DNSSEC” at the FOSE conference and expo, coming up later in March. Go here to see the current roster of speakers and topics on DNSSEC deployment in the federal government, state government, public-private systems, commercial networks and more.
Whither DNSCurve? Vixie answers.
Posted by Graveline in Uncategorized on March 5, 2010
Over at the Internet Systems Consortium blog, Paul Vixie has offered this post, Whither DNSCurve? to answer the question he frequently gets: “what is DNSCurve and what’s ISC’s position on it given our long involvement in DNSSEC?” He concludes with this summation:
I want provably correct DNS content to be universally available. Not just for me but for the entire population of the Internet. I want to stamp out all forms of DNS intermediation whether by recursive nameserver operators or nation-states or hackers. Because DNSSEC can do this, ISC has invested a lot of time and money over the last dozen years helping to develop DNSSEC. Because DNSCurve does not do this, and because the problems DNSCurve actually does solve are pretty well solved by UDP source port randomization and will be entirely eradicated by DNSSEC, ISC is not investing in DNSCurve at all.
HOMEGATE workshop set for April 20-21 in London
Posted by Graveline in Uncategorized on March 2, 2010
HOMEGATE, the Broadband Home Gateway birds-of-a-feather group (BoF) formed at the 76th IETF meeting, will hold a workshop in London April 20-21, and is asking would-be participants to indicate their likely attendance here so that arrangements can be made for a venue. Remote options for participating are promised, so the early RSVP applies to those intending to attend in person.
The group focuses on access to broadband Internet services, which use networking technology in the home, small office/home office (SOHO) or small to medium business (SMB). The group’s draft charter has been focused and coordinated with other Standards Development Organizations “to ensure that the planned work is complimentary and not overlapping with their respective work.”
The effort’s wiki notes:
….many serious, long-term problems face users of home gateways today. At the root of many of these problems is the fact that device manufacturers, and/or the organizations that specify requirements for such devices, are not certain which IETF standards and best current practices should be supported, and when/why that support is needed. As a result of this, millions of devices are being deployed every year, which do not work with important IETF protocols, standards, and best practices that are central to the future of the Internet.
DNSSEC is among the IETF standards to be included in the group’s deliberations. Sign up here for the group’s mailing list for further announcements.
Signing of .uk begins
Posted by Graveline in Uncategorized on March 1, 2010
Nominet has begun signing the .uk country code top-level domain this week, a process expected to conclude March 8. According to the article in PC Advisor, “Nominet will begin signing ‘.co.uk’ – comprising more than 8 million websites – later this year, working with any entity that operates a nameserver, as their software will have to be upgraded for DNSSEC.”
Comcast to deploy DNSSEC by 1st quarter 2011
Posted by Graveline in Uncategorized on February 23, 2010
After two years of testing DNSSEC, Comcast — the largest provider of cable services in the U.S., with 23.6 million cable customers, 15.9 million high-speed Internet customers and 7.6 million voice customers — announced it is starting a trial today and plans to implement DNSSEC by the first quarter of 2011 or sooner. In a blog post, Comcast noted:
We plan to implement DNSSEC for the websites we manage, such as comcast.com, comcast.net and xfinity.com, by the first quarter of 2011, if not sooner. By the end of 2011, we plan to implement DNSSEC validation for all of our customers….If you don’t want to wait until 2011, you can participate in our DNSSEC customer trial, which starts today. Opt-in by changing your DNS server IP addresses to 75.75.75.75 and 75.75.76.76 (we’ll be adding IPv6 addresses soon). The servers supporting this are deployed nationally in the same locations as our other DNS servers that millions of customers use everyday.
You can find FAQs on the Comcast trial here.
Free registration available for FOSE, DNSSEC session
Posted by Graveline in Uncategorized on February 14, 2010
FOSE, the federal information technology conference and expo, offers free registration to federal employees and military personnel. Don’t fit into those categories? The DNSSEC Deployment Coordination Initiative can offer you free registration at this special link.
You can see the full program for the March 24 daylong session “What’s Next in DNSSEC,” sponsored by the Initiative, here. Featured will be updates on U.S. federal government DNSSEC deployment and next steps; state, municipal and public-private network deployment; perspectives on DNSSEC in the commercial, educational and nonprofit sector domains; and lessons learned from deployment across the federal system. The program is free but requires pre-registration.
Recent Comments