Deploy360 16 October 2013

Introducing The DNSSEC History Project – Can You Help Complete The Story?

By Dan YorkDirector, Internet Technology

dnssec-history-projectCan you please help us fill in the blanks and complete the story of how DNSSEC came about?  Back in 2010 after the root of DNS was signed with DNSSEC, Steve Crocker sent out an email suggesting that the community should document the history of how DNSSEC came to be. As documented on the “About The DNSSEC History Project” page, Steve said in part:

It’s taken twenty years to reach this point, starting with Steve Bellovin’s demonstration of cache poisoning and the early proposals for adding cryptographic signatures to DNS.  A very large number of people, working in a large number of places, have contributed.  There were false starts, technical challenges, controversies and long hard marches.  The large bulk of this work is not very well documented, and there is no place to go to find anything approximating the full story.

To help, the Internet Society offered a wiki site to collect information and in 2010 a good amount of text was added. You can see the current version at:

In the years since 2010 a bit more text was added and some editing occurred, but quite honestly a great amount of the story is still left untold. A couple of us would now like to go in and capture some of this history before it gets lost. But to do so…


Some of us, such as myself, weren’t involved in the early days of DNSSEC and so we’re left to try to document the story based on what information we can find out there.  If you were involved, we’d love to have to you add in some text.  You can see the main page of the project where the information is being gathered.  We also split out the timeline into its own separate page:

Both of those pages need updates – and the main page needs, in my opinion, to be broken out into some more pages.

If you weren’t involved, but are interested in helping with the project, even just with the editing, we’d also love the assistance. The existing text could use some good editing, and this will continue to be a challenge as we add in more text from multiple people.  There are also any number of documents and events referenced in the main text for which links need to be found and inserted.  I’d also like to see the text cleaned up a bit to be more consistent across sections.

IF YOU WOULD LIKE TO HELP, please send an email message to [email protected] and we can get you set up with an account for editing the wiki pages. (We’d also ask you to please read the “About” page, too, to understand the project goals.)

The end goal is to chronicle the story of how DNSSEC came to be, in part so that the larger community can remember how it all came together, but also so that developers of future protocols can perhaps gain some insight into how best to develop their protocol from the story of DNSSEC.

Please do join with us and help complete the story!  (Thank you!)

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...