[EURO-Discuss] ALAC-WG on DNSSEC

Lutz Donnerhacke lutz at thur.de
Fri Aug 29 16:48:41 EDT 2008


On Fri, Aug 29, 2008 at 07:28:41PM +0200, JFC Morfin wrote:
> would it not help if we investigated an ALAC-WG on Security as seen 
> from a user point of view (documentation, solutions, open tools) ?

Personally I think it's more work than it's worth. Compiling colletions of
already known technical things is better maintained by those who are
directly involved. AtLarge (not only ALAC) has connections to the SSAC which
should be used for this subject. DNSSEC is currently hyped by the Dan
Kaminsky show, which was a good and serious hack, but somewhat overpromoted.

AtLarge can an should contribute to the political and personal implications
of signing the root. There are several open issues and a lot of FUD to
clarify. The most prominent FUD is that the possession of the root keys
implies the power to rule the Internet. A large part of "the truth"(tm) is
that the current operators of the root zone has already that power.

> other on identification. This could be within ALAC a first test what
> advocate : a multilingual techniocal user support cooperation?

Supporting technical and operational issues are really hard work. I fear
that Atlarge organization is not able to offer this in the full broad sense.
Supporting political and personal issues is a good and valueable target to
aim to. Compiling multilanguage background, too.

> At 18:44 29/08/2008, Lutz Donnerhacke wrote:
> >Of course, that's why I voluteer for a DNSSEC track on the AtLarge summit in
> >Cairo. Preparing this track requires to collect and write such materials.
> 
> And possibly test it?

That's part of my proposal. I'd like to see the signed root (of IANA)
productive on the validating resolvers during the whole sumit and meeting.
I run a signed root since more than two years in production environments
(for ~15000 people) and one of the largest DLVs. It's technically and
operationally possible. AtLarge can show, that ICANN is able to handle the
political issues (at least for the Cairo meeting) too.



More information about the EURO-Discuss mailing list