http://blog.wired.com/27bstroke6/2008/10/feds-take-step.html By Ryan Singel Threat Level Wired.com October 08, 2008 Starting Thursday morning, the U.S. government is seeking comment on who should create and vouch for the internet's most crucial document -- the root zone file -- that serves as the cornerstone of the system that lets users get to websites and emails find their way to inboxes. The non-profit ICANN, the for-profit Verisign and the Commerce Department's National Telecommunications and Information Administration all have different answers to what is a long-standing, and geopolitically charged internet governance question. But the only thing that matters for the security of the internet is the speed that they answer the question, according to domain-name system expert Paul Vixie. "We've got to get the root signed, it does not matter by whom," Vixie said by e-mail. "It's necessary simply that it be done, by someone, and that we stop anyone from arguing about whether letting someone hold the root key would make them king." At issue is a massive net security hole that security researcher Dan Kaminsky discovered in early 2008 that was temporarily patched in July. If not given a complete fix soon, the vulnerability could allow so much net fraud that it would strip all trust from the internet users that any website they were visiting is the genuine article, experts say. The only known complete fix is DNSSEC -- a set of security extensions for name servers. (That said, there are other effective defenses and OpenDNS, for one, protects users now.) [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Thu Oct 09 2008 - 01:01:15 PDT
This archive was generated by hypermail 2.2.0 : Thu Oct 09 2008 - 01:10:07 PDT