Cybersecurity

International politics slows full deployment of DNSSEC

A growing number of generic top-level domains, including .gov and .org, are deploying DNS Security Extensions to help ensure the reliability of the Domain Name System. But full deployment of the extensions is moving at a glacial pace.

Part of the problem is the complexity of managing the cryptographic keys used to sign DNS data and authenticate queries and responses. But one Commerce Department official said another part of the problem is international concern about the United States controlling the Internet. In many cases, the challenges faced are diplomatic rather than technical. The official likened the process of bringing the international community on board to herding cats.

Commerce has put much of the job of managing the Internet into the hands of the Internet Corporation for Assigned Names and Numbers, a nonprofit organization formed for that purpose. But Congress is unwilling to give up its oversight of a network the Defense Department originally created, and that worries some who see the Internet as a global resource.

Individual entities can handle many aspects of Internet security at the endpoints. But because DNS underlies virtually all Internet activity, securing it effectively is best done at a higher level. Hopefully, deploying DNSSEC won’t prove to be as challenging as achieving peace in the Middle East.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above