The U.S. government is seeking input on a way to make the Internet’s addressing system less susceptible to tampering by hackers. Under the idea, records in the Domain Name System (DNS) root zone would be cryptographically signed using Domain Name and Addressing System Security Extensions (DNSSEC), a set of protocols that allows DNS records to carry a digital signature.<\/p>\n","protected":false},"excerpt":{"rendered":"
The operator of the .org TLD has also committed to the system, according to the Commerce Department.<\/p>\n
But to get the full benefits of DNSSEC requires domain name registrars, domain name registries, Internet service providers and others to upgrade their software. “DNSSEC-signed root zone would represent one of most significant changes to the DNS infrastructure since it was created,” according to a notice issued by the Commerce Department in the Federal Register, a daily digest of U.S. government notices.<\/p>\n
As it stands now, TLD operators send changes to the Internet Assigned Numbers Authority, which is part of the Internet Corporation for Assigned Names and Numbers. ICANN then sends the changes to the U.S. National Telecommunications and Information Administration, which is part of the Commerce Department. The heavy involvement of the U.S. government in how the Internet’s addressing system is administered, as well as the interests of VeriSign, has drawn criticism that the process is too U.S.-centric. And there appears to be a battle brewing over which entity will manage the cryptographic keys required to sign the root zone file.<\/p>\n
http:\/\/www.computerworld.com\/action\/article.do?command=viewArticleBasic&articleId=9116900&source=NLT_PM&nlid=8<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-879","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/879","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=879"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/879\/revisions"}],"predecessor-version":[{"id":3366,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/879\/revisions\/3366"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=879"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=879"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=879"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}