Homeland Security demands master key to Domain Names


Richard Moore

Date: Wed, 18 Apr 2007 21:17:40 -0700
To: Sue Supriano <•••@••.•••>
From: Sue Supriano <•••@••.•••>
Subject: Homeland Security demands master key to Domain Name

Hi all,

Never know about trusting blogs, but this was sent out by historian Carolyn 
Baker.  There are many links in the story - have to go to the URL to make 

Original source URL:

DHS demand for DNS master key alarms nations
by Deep Harm
Sat Mar 31, 2007 at 04:03:53 PM PDT

Slashdot and Cryptome report that the U.S. Department of Homeland Security (DHS)
is demanding the master key for the DNS root zone (see 
http://en.wikipedia.org/wiki/Domain_Name_System  for explanation) - a demand 
that has other nations alarmed.  With the master key, DHS would have  control 
over the Internet, as Slashdot describes, quoting an "anonymous reader."

The key will play an important role in the new DNSSec security extension, 
because it will make spoofing IP-addresses impossible. By forcing the IANA 
[Internet Assigned Numbers Authority] to hand out a copy of the master key, the 
US government will be the only institution that is able to spoof IP addresses 
and be able to break into computers connected to the Internet without much 

The issue arose at Friday's meeting of the Internet Corporation for Assigned 
Names and Numbers (ICANN) in Lisbon, Portugal.

     * Deep Harm's diary :: ::

There is no indication yet that U.S. mainstream news media have reported on the 
DHS proposal. U.S. coverage of the ICANN meeting focused (predictably) on a 
proposal to create a domain specifically for adult websites. Cryptome cites a 
German news source, Heisse Online, which provides the following information.

The US Department of Homeland Security (DHS)...wants to have the key to sign the
DNS root zone solidly in the hands of the US government. This ultimate master 
key would then allow authorities to track DNS Security Extensions (DNSSec) all 
the way back to the servers that represent the name system's root zone on the 
Internet. The "key-signing key" signs the zone key, which is held by VeriSign. 
At the meeting of the Internet Corporation for Assigned Names and Numbers 
(ICANN) in Lisbon, Bernard Turcotte, president of the Canadian Internet 
Registration Authority (CIRA) drew everyone's attention to this proposal as a 
representative of the national top-level domain registries (ccTLDs).

At the ICANN meeting, Turcotte said that the managers of country registries were
concerned about this proposal. When contacted by heise online, Turcotte said 
that the national registries had informed their governmental representatives 
about the DHS's plans. A representative of the EU Commission said that the 
matter is being discussed with EU member states. DNSSec is seen as a necessary 
measure to keep the growing number of manipulations on the net under control. 
The DHS is itself sponsoring a campaign to support the implementation of DNSSec.
Three of the 13 operators currently work outside of the US, two of them in 
Europe. Lars-Johan Liman of the Swedish firm Autonomica, which operates the I 
root server, pointed out the possible political implications last year. Liman 
himself nominated ICANN as a possible candidate for the supervisory function.

When other nations are worried, Americans, too, should be concerned. The Bush 
administration has demonstrated that it is unable to wield power responsibly. 
Therefore, its demand for Internet control should be viewed as an opportunity to
abuse its authority to control a medium that has played a critical role in 
holding it accountable.

------ End of Forwarded Message

Sue Supriano: Steppin' Out of Babylon - Radio Interviews

Escaping the Matrix website:            http://escapingthematrix.org/
cyberjournal website:                       http://cyberjournal.org
Community Democracy Framework: http://cyberjournal.org/DemocracyFramework.html
Subscribe cyberjournal list:            •••@••.•••  (send 
blank message)
Posting archives:                               
Moderator:                                         •••@••.•••  (comments