http://infosecevents.net/2008/08/29/dnssec-for-all-top-level-gov-domains/ Covering the Information Security Economy Fri, 10 Feb 2012 06:58:08 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://infosecevents.net/2008/08/29/dnssec-for-all-top-level-gov-domains/comment-page-1/#comment-236 Can you say knee jerk reaction? | Nicholson Security Wed, 03 Sep 2008 03:21:44 +0000 http://infosecevents.net/2008/08/29/dnssec-for-all-top-level-gov-domains/#comment-236 [...] Now I am all for DNSSEC becuase at this time it is the best working model to reduce the risk that threaten traditional DNS.  My concern is how is this “mandate” going to be implemented?  DNSSEC is not a simple task to deploy and I can’t imagine that anyone is claiming that it won’t be a big deal.  You have the RRSIG, the DNSKEY, the DS, and the NSEC which are all new records that need to be created and validated.  In adition to the control of the private key used for signing.  InfoSecEvents has more about the top level .GOV domains moving to DNSSEC here. [...] [...] Now I am all for DNSSEC becuase at this time it is the best working model to reduce the risk that threaten traditional DNS.  My concern is how is this “mandate” going to be implemented?  DNSSEC is not a simple task to deploy and I can’t imagine that anyone is claiming that it won’t be a big deal.  You have the RRSIG, the DNSKEY, the DS, and the NSEC which are all new records that need to be created and validated.  In adition to the control of the private key used for signing.  InfoSecEvents has more about the top level .GOV domains moving to DNSSEC here. [...]

]]>