AOH :: IS1926.HTM

How NIST put DNSsec into play

How NIST put DNSsec into play
How NIST put DNSsec into play

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

By William Jackson
April 03, 2009

The digital signing of the .gov top-level domain in February completed 
the first step of the implementation of DNS Security Extensions (DNSSEC) 
in the government=E2=80=99s Internet space. The next step is for agencies to 
sign their second-level domains by the end of the year.

It is not a simple process, which is one of the main reasons DNSSEC has 
not been widely deployed across the Internet=E2=80=99s Domain Name System 
despite its well-known vulnerabilities.

=E2=80=9CThere is a steep learning curve in deploying DNSSEC,=E2=80=9D said Scott Rose, 
a computer scientist at the National Institute of Standards and 
Technology, the agency that is writing the rules for deployment. DNS 
typically takes little management. However, once DNSSEC is deployed, 
there is the constant chore of generating and managing cryptographic 
keys and signing and re-signing data.

But NIST is doing more than writing about it. The agency has had DNSSEC 
deployed in the domain for more than a year.


Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Best Selling Security Books and More! 


Site design & layout copyright © 1986-2015 CodeGods