[governance] IGP Workshop on DNSSEC

Brenden Kuerbis bnkuerbi at syr.edu
Mon Jul 2 09:16:07 EDT 2007

Hi everyone,

Below you'll find another workshop proposal from IGP, I have also put
it on the wiki.




Question 1: Provide a concise formulation for the proposed workshop theme.
DNSSEC: Securing a critical Internet resource

The theme of this workshop is Internet governance and cyber security,
and particularly DNS Security Extensions (DNSSEC). The workshop will
focus on the tensions and complementarities between global and
national policy making, and the pursuit of global governance solutions
to cyber security problems.  Powerful national governments can often
exert international influence over policy related to cyber security.
However, the Internet is a global infrastructure and effective policy
often requires a globally coordinated effort.

DNSSEC is an IETF technical standard that could improve the security
of the global DNS and reduce criminal or disruptive acts.  A critical
step in deploying DNSSEC widely is the signing of the root zone file,
a critical Internet resource. The procedure for signing the root, and
more importantly, determining the authorities who control the digital
signing of this critical Internet resource has yet to be decided.
Arguably, current Internet governance institutions are unprepared for
this cyber security challenge.  What kinds of institutions and
coordination are needed to secure the root and ensure demand for
DNSSEC services?  Are there specific and complimentary roles that
governments, international organizations, non-governmental
organizations, and the private sector can or should play?  This
session brings together experts to address these questions.

Question 2: Provide the Name of the Organizer(s) of the workshop and
their Affiliation to various stakeholder groups. Describe how you will
take steps to adhere to the multi-stakeholder principle, including
geographical diversity.
Internet Governance Project (civil society/academic)

TBD (private sector)

TBD (government) [Government of Brazil has expressed interest in workshop]

Additional governmental and private sector organizations are being
approached, however, it is too early to gauge level of commitment. Our
choice of speakers and co-sponsors has been guided by stakeholder

Question 3: Why do you think the proposed theme is important?
Cyber security problems and the need for coordination between
governments, the private sector and civil society in order to resolve
them are at the forefront of issues confronting the Internet. This
workshop provides an opportunity for encouraging broader understanding
of DNS Security Extensions, including a technically informed
discussion of the policy dimensions surrounding DNSSEC, DNS root
signing, and its impact on the private sector, governments, and civil

Question 4: Describe the workshop's conformity with the Tunis Agenda
in terms of substance and the mandate of the IGF.
The deployment of DNSSEC is intended to improve the security of the
Internet's Domain Name System.  The Tunis Agenda highlights "the
importance of the security, continuity and stability of the Internet,
and the need to protect the Internet and other ICT networks from
threats and vulnerabilities." (45) Signatories "affirm the need for a
common understanding of the issues of Internet security, and for
further cooperation to facilitate outreach, the collection and
dissemination of security-related information and exchange of good
practice among all stakeholders on measures to combat security
threats, at national and international levels." (45)

Question 5: Provide the Name and Affiliation of the panellists you are
planning to invite.
We have yet to finalize our panelists for the workshop, but have
initiated conversations with several individuals:

Tricia Drakes, Chair ISOC-England; founder International Banking
Information Systems; former ICANN Board member (invited, to be

Bernard Turcotte, President, Canadian Internet Registration Authority
(invited, to be confirmed)

Sabine Dolderer, former Director and member of the Executive Board at
DENIC eG (invited, to be confirmed)

Scott Rose, US Department of Commerce, National Institute of Standards
and Technology (NIST) (invited, to be confirmed)

In addition, we anticipate contacting (or are already in the process)
other individuals from the technical community including IETF, IANA,
RIPE; private sector including financial services and information
security sectors, ISPs; governments and IGOs; and civil society.

Question 6: Describe the main actors in the field. Have you approached
them and asked whether they would be willing to participate in
proposed workshop?
The United States government has been extremely active in the
development of the DNSSEC standard, including participating in an IETF
Working Group and the release by the US Department of Homeland
Security of draft specifications for signing the root.  We have
invited a representative from the National Institute of Standards and
Technology (NIST).

Representatives from some ccTLD organizations were consulted during
the development of US-DHS specifications; however, several individuals
affiliated with ccTLDs have expressed concern about DNSSEC and root
signing at recent ICANN meetings.  We have invited these individuals.

A critical piece in the successful deployment of DNSSEC is demand for
secure DNS services. The financial services sector seems a likely
candidate for these services. We have invited panelists familiar with
the sector's initiatives.

The Internet technical community is involved in developing the
standard and is aware of the implementation issues and problems. We
have invited several technical experts.

Question 7: List similar events you have organized in the past.

IGP has organized several symposia for policy makers and/or academics,
including two very successful, well-attended workshops at the Athens
IGF. Recently, the IGP organized a Symposium on Internet Governance
and Security: Exploring Global and National Solutions and panel on DNS
Security Extensions (DNSSEC) at the Swiss Embassy in Washington DC.
Several recognized technical experts from the private sector, ICANN
and the US government discussed the deployment of DNSSEC, and in
particular the policy dimensions of digitally signing the Internet's
root zone file. The audience of nearly 80 people included Department
of Commerce officials, US government contractors, policy-makers,
public-interest advocates and graduate students. The discussion
highlighted major technical challenges facing DNSSEC deployment, and
the effects of root signing on tld zone operators and the Internet's
Domain Name System (DNS).

Brenden Kuerbis
Internet Governance Project
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:

More information about the Governance mailing list