Donate
‹ Back
Deploy360 22 December 2014

Jim Galvin Writing About DNSSEC On CircleID

Dan York
By Dan YorkDirector, Web Strategy & Project Lead, Open Standards Everywhere

Jim GalvinWe’ve been very pleased to see Dr. Jim Galvin of Afilias writing a series of articles about DNSSEC over on Circle ID.  Jim has been a long-time friend and supporter of the Deploy360 Programme and has spoken multiple times at our ION conferences. (For example, he spoke at our recent ION Belfast event.)  Jim was also involved with the recent sponsorship of our ION conferences by Afilias.

Anyway, over at CircleID Jim started a series of articles about different aspects of DNSSEC. His articles thus far include:

The three articles provide a good overview of the current state of DNSSEC.  His third article, in particular, dives into an issue that has not been widely discussed – the potential 5-day waiting period during the transfer or a domain between registrars. As Jim notes:

In pre-DNSSEC days this technical issue would resolve itself relatively benignly. However, post-DNSSEC, if the domain name in question is DNSSEC signed, the failure of the domain name to DNS resolve (and hence, validate) results in a security incident. The previously benign “site not found” becomes a scary “you don’t want to go there” message, potentially damaging the credibility and brand of the domain name owner.

He goes on to note what needs to be done to address this issue and concludes:

The current business practices around this transfer policy require urgent coordination amongst registrars so that effective DNSSEC deployment can happen without an impact to the end-user or the domain name owner.

We agree that this is a concern when transferring domains and do hope to see this kind of coordination happening among registrars.

We also hope to see Jim continue writing detailed articles like these over on CircleID.  You can see his writing there on his author page at CircleID.

And if you’d like to learn more about DNSSEC, please visit our Start Here page to begin!

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Announcing Afilias as Multi-year ION Sponsor
Deploy3607 October 2014

Announcing Afilias as Multi-year ION Sponsor

If you've been to the main ION Conference page lately, you may notice we've added some sponsor information for both...

ION Hangzhou: IoT & Collaborative Security
Deploy3602 August 2016

ION Hangzhou: IoT & Collaborative Security

Our second ION Conference of the year was held on 14 July 2016 in Hangzhou, China. As well as being the...

The Next Steps Toward Increasing The Security of DNSSEC with Elliptic Curve Cryptography
Deploy36028 March 2016

The Next Steps Toward Increasing The Security of DNSSEC with Elliptic Curve Cryptography

How do we make DNSSEC even more secure through the use of elliptic curve cryptography?  What are the advantages of...

Join the conversation with Internet Society members around the world