Government Begins Securing Root Zone File

Death Metal notes a Wired piece on the US government beginning the process of securing the root zone file. This is in service of implementing DNSSEC, without which the DNS security hole found by Dan Kaminsky can't be definitively closed. On Thursday morning, a comment period will open on the various proposals on who should hold the keys and sign the root — ICANN, Verisign, or the US government's NTIA.

None of the above

[jeffasselin]

Anyone really thinks any of those organizations should be trusted with this? How about some UN organization instead?

Who to control...

[TheSpoom]

Verisign

Pros:

• Quite a bit of money, stability likely wouldn't be a problem

Cons:

• Puts a private company in control of a very, very important part of the internet
• Has previously fucked with DNS, would likely do so again if considered a wise business decision

US Government

Pros:

• Wouldn't dare let it go down since business in their country is very dependent upon it
• Puts elected officials in charge of a very important part of the internet

Cons:

• Nationalizes an important part of an international network
• Puts elected officials in charge of a very important part of the internet

ICANN

Pros:

• Has been doing this a long time
• Is a non-profit company so isn't driven by the same business needs as, say, Verisign

Cons:

• Still somewhat national

I'm definitely of the opinion that ICANN should be running it. That said, I don't know everything about the matter, so perhaps there's something that would change my mind. I figure, though, that if it's not broken, don't fix it.