VeriSign and ICANN Square Off Over the DNS Root
Ryan Singel writes on Threat Level:
The internet has a huge security problem that's temporarily fixed with bent paperclips and some gaffer's tape. Without concerted effort, hackers could easily spoil what little confidence remains in the internet.More here.
In fact, cyber-criminals are already exploiting the Domain Name System hack uncovered by security researcher Dan Kaminsky this summer -– essentially setting up fake banking websites that users reach by typing in their bank's real domain name. (That's according to research by Georgia Tech's David Dagon and Internet System Consortium's Paul Vixie.)
That's why the U.S. government finally put out a call Thursday [Actually, it was Wednesday. - ferg] for comments on whether the net as a whole should adopt new security protocols called DNSSEC, and asking who should have the privilege of controlling the master keys.
Two longstanding net infrastructure rivals -- ICANN and VeriSign -– each want the job.
Internet experts are siding overwhelmingly with ICANN, arguing that the crucial responsibility of making sure users can trust the technical equivalent of the internet's phone book belongs in the hands of the net's main oversight body.