J. Oquendo wrote:
That is the article that started a very unfortunate chain of events. The reporter got all of the facts wrong, then people who I thought had some clue jumped into the mess and only made it worse.
DHS does not want the "keys to the Internet" anymore than they want the keys to your car. The DNSSEC initiative gets funding from DHS' Science and Technology directorate as directed by the National Strategy to Secure Cyberspace, published by the White House in 2003 (disclaimer - I was part of the team at the WH that wrote that document, so feel free to toss barbs at me about it, keeping in mind that it was published over four years ago and A LOT has changed since then...) The DNSSEC initiative is supported by many countries, not just the United States. The root key (actually, the root zone's Key Signing Key or KSK) will be held by the Root Key Operator (RKO), which is some yet-to-be designated organization or group. Details about all of this is at http://www.dnssec-deployment.org if you want to get into the weeds of the initiative. It would be nice if reporters had bothered to contact DHS to request an interview before making statements like, "The Homeland Security Department has stirred up online controversy with its suggestion that the government should hold a master key for digitally signing the root zone of the Domain Name System under the DNS Security scheme." For a more accurate perspective, see this: http://www.upi.com/Security_Terrorism/Analysis/2007/04/12/analysis_owning_th e_keys_to_the_internet. Marc