Amid the outcry over allegations that the Department of Homeland Security (DHS) wants the security keys to the DNSSEC encryption technology slowly – very slowly – being adopted by internet overlord ICANN, one ICANN board member, the refreshingly candid Susan Crawford, has recently taken her own swipe at security standards in …
Not sure what those keys are, but WE WANT 'EM
The problem here is that the Department of Homeland Stupidity doesn't really know what those keys are, but they heard the word "keys", and naturally they want them.
What is more worrisome is that this organization (who has only NOW gotten its first-ever non-flunk grade on a FISMA audit) quite clearly does not have anything NEAR the IS/IT security systems that are needed for management of these keys.
What is even more worrisome is that the Department of Homeland Stupidity quite clearly doesn't understand that International (as the Internet today is) means more than 50 states. I'm afraid that if this move is completed, then we will see another case where every government on the planet mandates their own security keys standard, instead of having a simple, global standard.
Now, I see several solutions for this problem, ranging from a simple "no, you can't have them" up to "no, you can't have them because your ridiculous IT standards make you a liability to the internet itself, and you are about to get disconnected for this very reason".
If these keys are to be handled by a central political power, the correct place for them would be the UN. Not, I repeat NOT the United States of America's "Department of Homeland Stupidity".
I mostly agree with your statements about how the keys and how DHS itself should be handled, except for one part, the part about the U.N. having or controlling, or even knowing these keys exist. The memories of the critically acclaimed food for oil scandal are still too fresh in my memory to trust the U.N. with anything, especially something as crucial as DNSSEC encryption keys... Tomorrow's headlines will read:
U.N. secretary general's son indicted for selling vital root server encryption information to random hackers around the world!
And remember, you can't spell UNethical without U.N.
DHS in charge of security? Scary...
Given that DHS has consistently received failing grades for "cybersecurity" (I know, I know, they FINALLY received a barely non-failing grade), how could anyone think it would be a good idea to put them in charge of DNS security? DHS in charge of cybersecurity is like FEMA in charge of emergency response in New Orleans. The job might get done eventually, but what kind of destruction will be left in its wake?