nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: US government mandates? use of DNSSEC by federal agencies

From: Michael Thomas <mike () mtcc com>
Date: Wed, 27 Aug 2008 09:22:40 -0700
Kevin Oberman wrote:

Date: Tue, 26 Aug 2008 16:53:24 -0400
From: "Bill Bogstad" <bogstad () pobox com>

Not sure what this will actually mean in the long run, but it's at
least worth noting.

http://www.gcn.com/online/vol1_no1/46987-1.html
http://www.whitehouse.gov/omb/memoranda/fy2008/m08-23.pdf


It will mean something in the medium term as '.gov' and '.org' will be
signed very soon and OMB might be able to even get the root
signed. (Since OMB can pull funding, no one argues with them much.)
All of this will increase pressure on Verisign to deal with '.com' and
'.net'.

Note that this only has an impact on '.gov' and the zones immediately
below it, but I suspect most sub-domains of *.gov will be signed as a
result of this, even if it is not required.


So the question I have is... will operators (ISP, etc) turn on DNSsec
checking? Or a more basic question of whether you even _could_ turn on
checking if you were so inclined?

                Mike
Previous By Date Next
Previous By Thread Next

Current thread: