Half of .gov Sites Fail DNSSEC Test

netbuzz writes "US federal government Web sites were mandated to have begun deploying DNS Security Extensions (DNSSEC) by Dec. 31, 2009, but a recent check shows that 51 percent have still failed to do so. That does represent a marked increase over the 20 percent that had complied as of a year ago. 'But if you think the government should be fully deployed by now, it's a disappointing number,' says Mark Beckett, vice president of marketing and product management for Secure64, who conducted the study."

Hello Slashvertisement

[RingDev]

Study performed by company that competes for government contracts to fix issues pointed out by said study finds that government should hire them.

-Rick

Stop the presses: OMB mandate ignored!

[mschaffer]

Government agencies ignored an OMB mandate. This is not exactly news.

Cricket Liu on DNSSEC

[RazzleDazzle]

Coincidentally I was just yesterday at a DNSSEC seminar presented by Cricket Liu. While obscenely complicated compared to the more or less basic operation of a non-DNSSEC name server, it is super easy to (and really operationally required IMHO to) automate the entire DNSSEC part of DNS administration. Of course he showed his own employers DNS tool (he works for infoblox.com) but there are other choices and methods of automating and he did not really make it into a big sales pitch for his employer, just a simple screenshot showing its ease of use and a few minutes to describe it.

Anyways, I plan to start really investigating the deployment of DNSSEC now.