NameSilo

DNS security and key ceremonies

Labeled as security in Technology, started by Future Sensors, Oct 12, 2021

Replies:
4
Views:
211

  1. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,534
    Likes Received:
    8,469
    DNS security and key ceremonies

    This post will focus on a key part of DNSSEC infrastructure — Root KSK ceremonies. These ceremonies exist to provide transparency to the Internet community around the creation, use, and storage of the Root KSK. Transparency is essential in establishing trust of the KSK — asking the Internet to just blindly trust something wouldn’t work, and rightly so!

    Read more:

    https://blog.apnic.net/2021/10/12/dns-security-and-key-ceremonies/
     
    Last edited: Oct 12, 2021
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Bob Hawkes

    Bob Hawkes Top Member NameTalent VIP Gold Account Trusted Blogger

    Posts:
    7,864
    Likes Received:
    26,900
    Wow I had no idea of all this. Thanks for sharing @Future Sensors .

    I liked this: “So, in a sense, there is a group of seven people with ‘keys to the Internet’, but on their own, without ICANN (and the tens-of-thousands-strong Internet community backing them), they’re powerless.”
     
  3. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,534
    Likes Received:
    8,469
    So true. With SOA serial 2010071501 (July 2010) the DNS root was officially signed. The procedures have been polished since then, and trusted community representatives are selected from different geographic locations to avoid imbalance. Before the root was signed, there was a system that imitated a signed root: DNSSEC Lookaside Validation (DLV), which can be found in https://datatracker.ietf.org/doc/html/rfc5074
     
    Last edited: Oct 12, 2021
  4. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,534
    Likes Received:
    8,469
    4711838778_1182ee316b_k.jpg
    Root Zone KSK Ceremony #1

    The first Key Signing Key (KSK) generation ceremony for the DNS Root Zone. In a sense, the KSK represents the "master key" that is anticipated to be used from July 2010 to secure the root of the DNS system.

    Taken on June 16, 2010
    by Kim Davies

    CC BY-NC-ND 2.0 license

    Full album:
    Root Zone KSK Ceremony #1
    https://www.flickr.com/photos/kjd/albums/72157624302045698
     
    Last edited: Oct 13, 2021
  5. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,534
    Likes Received:
    8,469
    Last edited: Oct 27, 2021 at 1:36 AM

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...