Domain Name System Security Extensions (DNSSEC) 3 March 2017

Comments? Internet Draft on DNSSEC Crypto Algorithm Agility

By Dan YorkChief of Staff, Office of the CEO

DNSSEC badgeWhat are the challenges in deploying new cryptographic algorithms for DNSSEC? As we look to move to using new crypto algorithms such as ECDSA, what are the barriers to getting those new algorithms rolled out? And how can we overcome those barriers?

A few of us wrote an Internet Draft on this topic:

and with IETF 98 fast approaching I am considering whether we need to publish a revision.  So I’m curious – what do you think? Are there  topics that we missed? Text that we could make a bit more clear? Additional points to consider?

We’d welcome any and all feedback. You can leave comments here on the blog post, or on social media where this appears… or you could just do that old-fashioned email thing.

Thanks in advance!

Domain Name System Security Extensions (DNSSEC), How the Internet Works, IETF, Internet Technologies, Open Internet Standards, Security, Supporting a Secure and Trustworthy Internet, Global,

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Recent Posts

Related Posts

Open Standards Everywhere 11 June 2020

Listen to the Hedge Podcast 39 to Learn about the Open Standards Everywhere Project

What is our Open Standards Everywhere (OSE) project all about? How did it get started? What are the project...

Internet Technologies 19 February 2019

DNS Privacy & IPv6 Security @ APTLD 75

The Internet Society will be actively contributing to the APTLD 75 meeting on 20-21 February 2019 in Dubai, United...

Domain Name System (DNS) 8 February 2019

DNS Flag Day

The 1st of February was DNS Flag Day, which is an initiative of several DNS vendors and operators to...