US government mandates? use of DNSSEC by federal agencies

Michael Thomas mike at mtcc.com
Wed Aug 27 11:22:40 CDT 2008


Kevin Oberman wrote:
>> Date: Tue, 26 Aug 2008 16:53:24 -0400
>> From: "Bill Bogstad" <bogstad at pobox.com>
>>
>> Not sure what this will actually mean in the long run, but it's at
>> least worth noting.
>>
>> http://www.gcn.com/online/vol1_no1/46987-1.html
>> http://www.whitehouse.gov/omb/memoranda/fy2008/m08-23.pdf
> 
> It will mean something in the medium term as '.gov' and '.org' will be
> signed very soon and OMB might be able to even get the root
> signed. (Since OMB can pull funding, no one argues with them much.)
> All of this will increase pressure on Verisign to deal with '.com' and
> '.net'.
> 
> Note that this only has an impact on '.gov' and the zones immediately
> below it, but I suspect most sub-domains of *.gov will be signed as a
> result of this, even if it is not required.

So the question I have is... will operators (ISP, etc) turn on DNSsec
checking? Or a more basic question of whether you even _could_ turn on
checking if you were so inclined?

		Mike




More information about the NANOG mailing list