Archive for March, 2011

ICANN CEO Rod Beckstrom opened the organization’s 40th meeting in Silicon Valley citing DNSSEC as a major theme in his keynote presentation (119KB PDF). Following are his DNSSEC-related remarks:

Perhaps our most significant security achievement is the ongoing implementation of DNSSEC. With strong community support, it is being vigorously deployed around the world, at a pace that exceeds our most optimistic projections.

We encourage companies to deploy DNSSEC on their DNS infrastructure – in effect, to turn DNSSEC validation “on” and sign their company’s domain names.

In less than a year since the root was signed, today we have 76 top-level domains signed and in a few weeks, .COM – with almost 100 million domains names – will also be signed.

With the root zone signed, the number of domains using DNSSEC will accelerate. Large ISPs such as Comcast are deploying DNSSEC to provide additional security for their customers, and major equipment vendors such as Cisco are looking at building it into their products. This is a major win.

And finally, DNSSEC could help secure more than just domain names – perhaps email, web sites, identities, communications and programs – bringing seamless and trustworthy communication across organizational and national borders.

For those of you who may not be fully familiar with DNSSEC, there will be a session for newcomers today at four o’clock.

The Latin American and Caribbean TLD Association has set a target of 50 percent signed TLDs in Latin America by the end of this year. “2011 will be the year of DNSSEC for LAC TLD,” according to its general manager.

We want to hear that commitment echoed around the world.

ICANN’s Silicon Valley meeting has begun, and features two substantial DNSSEC presentations. Audiocast information, presentations and details can be found at the session links below:

DNSSEC for Everybody: A Beginner’s Guide takes place today at 4pm Pacific Time. Presenters from ISC, Nominet and Verisign will walk participants through basic and core concepts of DNSSEC, as well as real-word examples and a sample implementation of DNSSEC, with which audience members can interact.

The DNSSEC Workshop takes place Wednesday, March 16, starting at 8:30am Pacific Time.  DNSSEC deployment plans will be discussed by speakers from Akamai, Cisco, Fedora, Mozilla, PayPal, and Xelerance.  Application Security with DNSSEC and DOSETA will be presented by Brandenburg InternetWorking, and speakers from .nz Registry services and Google will address Innovative Uses as a Result of DNSSEC. Activities from the North American region will be presented by speakers from CIRA/.ca and VeriSign. The session concludes with a discussion of DNSSEC signing services with speakers from Afilias, EURID, ISC, Nominet, Packet Clearing House and Verisign.

DNSSEC has been successfully announced in the .co top-level domain, it was announced yesterday.