US government mandates? use of DNSSEC by federal agencies

Michael Thomas mike at
Wed Aug 27 11:22:40 CDT 2008

Kevin Oberman wrote:
>> Date: Tue, 26 Aug 2008 16:53:24 -0400
>> From: "Bill Bogstad" <bogstad at>
>> Not sure what this will actually mean in the long run, but it's at
>> least worth noting.
> It will mean something in the medium term as '.gov' and '.org' will be
> signed very soon and OMB might be able to even get the root
> signed. (Since OMB can pull funding, no one argues with them much.)
> All of this will increase pressure on Verisign to deal with '.com' and
> '.net'.
> Note that this only has an impact on '.gov' and the zones immediately
> below it, but I suspect most sub-domains of *.gov will be signed as a
> result of this, even if it is not required.

So the question I have is... will operators (ISP, etc) turn on DNSsec
checking? Or a more basic question of whether you even _could_ turn on
checking if you were so inclined?


More information about the NANOG mailing list