Re: Department of Homeland and Security wants master key for DNS

[David Farber <dave () farber net>]

Begin forwarded message:

From: Christian Huitema <huitema () windows microsoft com>
Date: April 1, 2007 4:53:59 PM EDT
To: dave () farber net
Subject: RE: [IP] Re: Department of Homeland and Security wants  
master key for DNS

> In view of ICANN's chaotic management, I expect that a lot of those
> governments are quietly happy to have ICANN under adult supervision,
> and although they may say they want it independent of the US, short of
> handing it to the ITU or some other institution with international
> legitimacy, the USG is going to stay in charge, in which case it
> really doesn't matter whether the master key belongs to ICANN, IANA,
> DOC, or DHS because it all amounts to the same thing.

But why do we need a master key for the DNS at all? If a name is really
popular, one can expect that its key will be well known. Verification of
that key should not depend on the whims of the centralized registry. DNS
servers should manage their list of well known keys, and protect their
users against any bureaucratic error at the root level. Most top level
domains and many big services should easily reach that level of
popularity, and not depend on the root key for their security.

-- Christian Huitema





-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/@now
Powered by Listbox: http://www.listbox.com