sponsors
DNSSEC Deployment in .gov: Progress and Lessons Learned
Practice and Experience Report
Scott Rose, National Institute of Standards and Technology (NIST)
In 2008, the US Federal government mandated that all Federal-owned DNS zones must deploy DNSSEC. Initial deployments lagged and were often error prone.
In 2008, the US Federal government mandated that all Federal-owned DNS zones must deploy DNSSEC. Initial deployments lagged and were often error prone.
This prompted the creation of a Tiger Team to assist agencies in deployment as well as a continuous monitoring program. These steps increased the number of signed zones in the .gov TLD and improved the response time in responding to errors and mistakes in deployment. This talk will cover the progress of DNSSEC in the Federal government in addition to lessons learned in setting up a system to monitor and maintain compliance across multiple administrative boundaries.
Scott Rose, National Institute of Standards and Technology
Scott Rose works as a computer scientist at the National Institute of Standards and Technology (NIST) on Internet infrastructure protection research and development. He co-authored the core DNSSEC specification in the IETF as well as NIST Special Publication 800-81 on DNSSEC deployment. Scott was recently awarded the Department of Commerce Gold Medal for Leadership for work in deploying and testing DNSSEC deployment at the .GOV top level domain (TLD).
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Scott Rose},
title = {{DNSSEC} Deployment in .gov: Progress and Lessons Learned},
booktitle = {26th Large Installation System Administration Conference (LISA 12)},
year = {2012},
isbn = {978-931971-97-3},
address = {San Diego, CA},
pages = {223-228},
url = {https://www.usenix.org/conference/lisa12/technical-sessions/presentation/rose},
publisher = {USENIX Association},
month = dec,
}
connect with us