« Entrecôte | Main | After a long wait.... »

ICANN to work with US GOV on DNSSEC signing of the root


Some hopefully positive news was posted a week ago, when ICANN and the US GOV said they had started working on deployment of a DNSSEC signed root. The announcement still leaves some key issues unanswered. The announcement says that ICANN will operate the Zone signing Key, which seems reasonable if that means the IANA function as operated by ICANN.

Now the announcement further says that ICANN will manage the Key Signing Key process, but gives no further explanation on what is meant by this. Of course the most interesting and important procedural piece is exactly this, who holds the KSK? The use of the word "process" doesn't give any hint. This could still mean that the US GOV will hold a single key, or that there will be a split key model, but does not disclose any information on who would then hold the keys.

I guess we will just have to wait and see....

Posted on June 14, 2009 3:42 PM |

TrackBack

TrackBack URL for this entry:
http://www.kurtis.pp.se/cgi-bin/mt/mt-tb.cgi/260

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Search


About

This page contains a single entry from the blog posted on June 14, 2009 3:42 PM.

The previous post in this blog was Entrecôte.

The next post in this blog is After a long wait.....

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type 4.26