Page History
...
On 6 April 2011, the enclosed statement was submitted to the public comment for this issue, the relevant staff person, and the Board Secretary, with a note saying that the document was currently undergoing ALAC ratification.
On 8 April 2011, several comments were posted on the At-Large mailing lists following the filing of the second version of this ALAC Statement. Based on input from these comments, the ALAC Executive Committee added an Addendum which modified the consensus response to Question 4 to more broadly represent the diversity of the At-Large community.
On 11 April 2011, the ALAC began a five day vote on the third version (the present document), consisting of the ALAC Statement with the Addendum. This statement was sent to the staff person responsible for this issue and the Board Secretary, with a note saying that this document was currently undergoing the ALAC ratification process.
[End of IntroductionWiki Markup
Statement of the ALAC on the Public Call by the Stability, Security, and Resilience of the DNS Review Team (SSR-RT)
...
6. Original solutions proposed to increase the Stability, Security, and Resilience of the DNS at the protocol level, including the design of the Root Server system.
Wiki Markup
7. Processes used by DNS users and operators to guarantee that the Risk Analysis related to the DNS is comprehensive and updated.
...
11. Studies or informed opinion related to large-scale risks that can alter the environment of the DNS, and indicators, metrics or harbingers of such risks, including models/frameworks to measure Security, Stability and Resilience of the DNS as a system..
Addendum:
Several late comments have come to light since the filing of the first version of this ALAC Statement. Based on input from these comments we have modified our consensus response to Question 4 to more broadly represent the diversity of our community:
Recent events, like the one that happened to .fr a few weeks ago, due to a software bug, seem to demonstrate the infrastructure may not be ready yet for the full, ubiquitous deployment of DNSSEC.
Some of our members believe that relaxing the pressure for the deployment of DNSSEC and proceeding carefully would allow all operators in the DNS chain to gain additional experience and mitigate the risks.
This would include the new gTLD program, where registries and their backend providers are mandated to deploy DNSSEC from day one.
Others believe that the cost and complexity of deploying DNSSEC is likely to decrease with time and therefore look forward to making DNSSEC mandatory for all new gTLDs. As a result, small new registries from developing countries are not likely to be affected as much by higher costs as initially thought.
The long-term benefits of DNSSEC implementation are likely to outweigh its short term trade-offs and the ALAC would therefore cautiously warrant the full deployment of DNSSEC for all new gTLDs, provided smaller sized applicants are allowed a period of adaptation for them to be able to sign their zone.
...
[1] For example, having multiple registries managing domains under the same TLD. Such proposals have been floating around for a long time. See, for example, the original proposal for the SRS protocol at Wiki Markup
