Levels DNSSEC validation disappointing
In the field of DNSSEC signing, the Netherlands leads the world in both relative and absolute terms. More than 2.4 million of .nl's 5.5 million-plus domain names are signed. But when it comes to validation, we still have a lot to do. So, as well as organising the DNSSEC tutorial, we offered Techday visitors the chance to win prizes by suggesting ways to speed up the introduction of DNSSEC validation by the internet sector.
And the winners are...
A number of visitors came up with good ideas, such as offering an easy-to-install local name server. From the numerous respondents, we selected five winners. Each will receive a GL-iNET device, which lets you validate DNSSEC key material on your home network. The winners are:
- Alwin de Bruin: Dutch consumers need to be made more aware of DNSSEC, in order to generate demand. Once there is demand, the ISPs will respond. Within the industry, collaboration is needed amongst everyone with a general interest in DNSSEC validation (government, banks, financial institutions). In that context, ISPs can be asked to play their part. In the final analysis, we are all part of the same internet.
- Tom van de Hoek: Should be built into home routers. Solution would also work outside NL.
- Karst Koymans: Offer an easy-to-install local name server.
- Frederique Rijsdijk: Publish step-by-step how-to guides for BSD / LINUx (e.g. Unbound), release OVAs with ready-made set-ups (and maybe KVM-style) and emphasise simplicity (point 1).
- Wouter Schoot: Organise workshops led by experts, e.g. Unbound makers, and get them to support (and actively approach!) providers with validation implementations (following example of PowerDNS helping with implementation of signing).
Would you like to know more about DNSSEC? Do you have a bright idea for promoting DNSSEC validation? Then visit dnssec.nl for detailed information or get in touch with Jelte Jansen by mailing Jelte.firstname.lastname@example.org.