Passing the Torch – My Last Root DNSSEC KSK Ceremony as Crypto Officer 4
3 hours ago
- #Internet History
- #DNS Security
- #ICANN
- ARPANET was the precursor to the Internet, initially supporting about 250 computers with a 'hosts file' for name-to-address mapping.
- TCP/IP was developed to support more computers, leading to the Internet's formation as a 'network of networks' in the early 1980s.
- DNS was created to replace the centralized 'hosts file' system, scaling to accommodate billions of devices.
- Early Internet access was limited to academia, military, and research institutions, with no need for robust security in DNS initially.
- DNSSEC was developed in response to security flaws discovered in the 1990s, with the DNS root being cryptographically signed by 2010.
- ICANN implemented a secure, transparent framework for DNSSEC, including geographic diversity, multi-layered security, and live-streamed ceremonies.
- The author served as a Crypto Officer for 15 years, participating in key ceremonies and advocating for diversity in the TCR program.
- The author passed the torch to a successor in 2025, marking the end of their long-term volunteer commitment to ICANN.
- DNSSEC is now widely adopted, with major DNS resolvers enabling validation by default, ensuring the Internet's security and integrity.