15 December 2009

Security Updates for the Internet

In a few weeks the US Government, via contract with Verisign, will begin deploying changes to the root DNS server pursuant to specifications put forth in ISO 27001:2005.

The Root Zone system needs an overall security lifecycle, such as that described

in ISO 27001, and any security policy for DNSSEC implementation should be

validated against existing standards for security controls.


-- DNSSEC Root Zone, High Level Technical Architecture

The latest roll out timetable published:

  • December 1, 2009: Root zone signed for internal use by VeriSign and ICANN.  ICANN and VeriSign exercise interaction protocols for signing the ZSK with the KSK.
  • Early January, 2010: The first root server begins serving the signed root in the form of the DURZ (deliberately unvalidatable root zone). The DURZ contains unusable keys in place of the root KSK and ZSK to prevent these keys being used for validation.
  • Early May, 2010: All root servers are now serving the DURZ.  The effects of the larger responses from the signed root, if any, would now be encountered.
  • May and June, 2010: The deployment results are studied and a final decision to deploy DNSSEC in the root zone is made.
  • July 1, 2010: ICANN publishes the root zone trust anchor and root operators begin to serve the signed root zone with actual keys – The signed root zone is available.

-- Information about DNSSEC for the Root Zon

Dec 15, 2009 8:57:27 PM | Current Affairs, FOSS, Web/Tech

2 Comments Comment feed

social media expert dc

Software is constantly evolving and changing. That's a good thing, honestly. There are always new and better features being added, along with important security updates in some cases. David from PC PitStop asked about Microsoft Updates.thanks for sharing this,this is really a big help and very usdeful!

Posted by: social media expert dc | 20 January 2011 at 09:43

social media expert dc

This is a good thing protect networked critical systems and remote and mobile users from unwanted network intrusions and hackers, as well as from viruses, Trojans, and worms. Centralized policy management and response capabilities ease the administrative burden and lower the cost of managing security at the network, mobile, and remote client level.

Posted by: social media expert dc | 21 January 2011 at 09:03

The comments to this entry are closed.

NEXT POST
Sybil it seems may have a little bit of larceny in her soul... Spent a wonderful - couldn't get any better then this - Friday night wiring 'r up..and you know if you know the feeling... that one needs to fill the time with browsing..and thinking...and therein is the rub... A simple question really - one, old as humanity - what do you do when no one is looking? The Shadow know
PREVIOUS POST
Marching Bands... A few days back ran across a blog directed to the user interaction design biz... aHistoric Design I'll call it. Rambling along - came this user design tidbit..a contest, think I'll book mark that to see what the winning answer will be *Smile*...but I'm left wondering, will I be able to find the winning entry, I haven't found a way to see any previous winners.. I suppose they want me to register, wish they would just come out and say that - assuming my registration is really what they want.. Anyhow then this: Today ran across this photo and find...

Drew Jensen

Let's Roll

solveigh
Cole Camplese
Craig Murphy
nataliepo
Six Apart Media
Bill Cosby
David Felts
Denise Wakeman
michael ian black
Brad Choate
S. Anthony Iannarino
sarah lacy
Ez
Dave Barnhart
DWR
Joyce E. DeMonbrun
Oh, Auth
redfox
kimmi8
Jude Killory
ydnar
Joseph Jaffe
Steve Ivy
Kymberlie
Marcus
Jim Ramsey
daisy barringer
Alaina
Frank Gruber
misschatter
Andy Wibbels
Alana
Kokochi
Anthony Perkins
Adam Rice

Search

My Other Accounts

Recent Comments