27,652
edits
Changes
Jump to navigation
Jump to search
Line 21:
Line 21: + + + + + + + + + + + + + + + + + + +
Domain Name System Security Extensions (view source)
Revision as of 08:11, 4 February 2011
, 13 years ago→DNSSEC and ICANN
==DNSSEC and ICANN==
==DNSSEC and ICANN==
ICANN is one of four entities that is a part of the DNSSEC process, it is responsible for receiving and inspecting the information from the top level domain (TLD) operators. These actions are perfomed in conjunction with:
* The National Telecommunications and Information Administration, which is a division of the [[U.S. Department of Commerce]], and is responsible for authorizing changes to the roots.
* [[Verisign]], which is contracted by the U.S. government to edit the root zone with the information supplied and authenticated by [[ICANN]], which was subsequently authorized by the Department of Commerce, and also to distribute the root zone file containing information on where to find info on TLDs
* An international group of [[Root Service Operators]] then distributes root information from the root zone file across the Internet. Those groups are:
# VeriSign Global Registry Services;
# Information Sciences Institute at USC;
C) Cogent Communications;
D) University of Maryland;
E) NASA Ames Research Center;
F) Internet Systems Consortium Inc.;
G) U.S. DOD Network Information Center;
H) U.S. Army Research Lab;
I) Autonomica/NORDUnet, Sweden;
J) VeriSign Global Registry Services;
K) RIPE NCC, Netherlands;
L) ICANN;
M) WIDE Project, Japan.
In June, 2010, ICANN hosted the first production DNSSEC key ceremony in a high security data centre outside of Washington, D.C.. The key ceremony involved the creation of the first cryptographic digital key used to secure the Internet root zone, which was securely stored after its generation. Each key ceremony is designed to to allow the private key material for the root zone to be managed in a transparent yet secure manner. The goal is for the whole Internet community to be able to trust that the procedures involved were executed correctly, and that the private key materials are stored securely. There is an emphasis on the transparency of the process through the use Trusted Community Representatives ([[TCR]]s), who undertake the detailed procedures with 14 [[ICANN]] employees. [[TCR]]S are members of the international [[DNS]] community, and are unaffiliated with [[ICANN]], [[VeriSign]], or the [[US Department of Commerce]]. These ceremonies will take place 4 times a year in two different American locations.<ref>[ http://www.icann.org/en/announcements/announcement-2-07jun10-en.htm ICANN's DNSSEC Key Ceremony Announcement.}</ref>
In June, 2010, ICANN hosted the first production DNSSEC key ceremony in a high security data centre outside of Washington, D.C.. The key ceremony involved the creation of the first cryptographic digital key used to secure the Internet root zone, which was securely stored after its generation. Each key ceremony is designed to to allow the private key material for the root zone to be managed in a transparent yet secure manner. The goal is for the whole Internet community to be able to trust that the procedures involved were executed correctly, and that the private key materials are stored securely. There is an emphasis on the transparency of the process through the use Trusted Community Representatives ([[TCR]]s), who undertake the detailed procedures with 14 [[ICANN]] employees. [[TCR]]S are members of the international [[DNS]] community, and are unaffiliated with [[ICANN]], [[VeriSign]], or the [[US Department of Commerce]]. These ceremonies will take place 4 times a year in two different American locations.<ref>[ http://www.icann.org/en/announcements/announcement-2-07jun10-en.htm ICANN's DNSSEC Key Ceremony Announcement.}</ref>