By Ryan Singel
October 08, 2008
Starting Thursday morning, the U.S. government is seeking comment on who
should create and vouch for the internet's most crucial document -- the
root zone file -- that serves as the cornerstone of the system that lets
users get to websites and emails find their way to inboxes.
The non-profit ICANN, the for-profit Verisign and the Commerce
Department's National Telecommunications and Information Administration
all have different answers to what is a long-standing, and
geopolitically charged internet governance question.
But the only thing that matters for the security of the internet is the
speed that they answer the question, according to domain-name system
expert Paul Vixie.
"We've got to get the root signed, it does not matter by whom," Vixie
said by e-mail. "It's necessary simply that it be done, by someone, and
that we stop anyone from arguing about whether letting someone hold the
root key would make them king."
At issue is a massive net security hole that security researcher Dan
Kaminsky discovered in early 2008 that was temporarily patched in July.
If not given a complete fix soon, the vulnerability could allow so much
net fraud that it would strip all trust from the internet users that any
website they were visiting is the genuine article, experts say.
The only known complete fix is DNSSEC -- a set of security extensions
for name servers. (That said, there are other effective defenses and
OpenDNS, for one, protects users now.)
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!