At the SATIN 2012 conference on March 23, 2012, the Internet Society’s Dan York spoke about a paper that he and other members of the Internet Society staff developed outlining some of the challenges with DNSSEC deployment and identifying opportunities to simplify the user experience to accelerate DNSSEC deployment. The document is now available for download at:
Challenges and Opportunities in Deploying DNSSEC (SATIN 2012)
The document lays out the challenges and opportunities for:
- Domain name consumers - any person or application that is using a domain name.
- Domain name holders - people or organizations who have registered a domain and, in the context of DNSSEC, want to sign the domain.
- Domain name infrastructure operators - people or organizations that provide the actual service behind the Domain Name System and have a role to play in the DNSSEC signing and validation processes.
Within each section, there are multiple subsections with specific examples. The document concludes with some thoughts about additional opportunities to accelerate DNSSEC deployment and a lengthy list of resources for further exploration of the topic.
Our goal is that this document can stimulate further discussion about these points and lead to solutions that move DNSSEC deployment further. We also will be using it within the Deploy360 Programme to identify areas where we need to add more DNSSEC resources to the site.
We welcome any and all feedback and comments, either directly here as comments to this page or sent to us via email or our web form.