Deploy360 4 April 2013

Report: Signed Root Deployment – Framing the Issues (DNSSEC Industry Coalition, 2009)

Report on issues with signing the DNSSEC rootIn April 2013, Steve Crocker circulated this report with the following comment:

In June 2009, a year before the root was signed, the DNSSEC Industry Coalition, led by PIR, and the DNSSEC Deployment Initiative, held a symposium, Signed Root Deployment: Framing the Issues, to look at possible consequences of signing the root and the next steps after it was signed.

We had an excellent symposium and drafted a report.  Sadly, we couldn’t quite complete the editing process, so the draft lay unpublished, incomplete, since then.

The concerns expressed during the symposium about the consequences of a much larger root zone are now well behind us.  However, the sections on key distribution and use and on key rollover remain relevant, which is why we are pushing this draft out at this late date.

We are posting the report here at Steve’s request to make it available to the larger community.

Related articles

Deploy360 1 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

Almost every time we use an Internet application, it starts with a Domain Name System (DNS) transaction to map...

Deploy360 1 March 2019

IPv6 Security for IPv4 Engineers

This document provides an overview of IPv6 security that is specifically aimed at IPv4 engineers and operators. Rather than...

Deploy360 27 February 2019

Introduction to DNS Privacy

Abstract Almost every time we use an Internet application, it starts with a Domain Name System (DNS) transaction to...