Como reacción a una exigencia del Departamento de Seguridad Nacional de los Estados Unidos para que facilitara la clave maestra de las extensiones de seguridad de los servidores raíz DNS, ICANN pretende hacer una maniobra estratégica y convertirse en organización privada internacional, con el fin de obtener inmunidad con respecto a las regulaciones y las leyes estadounidenses o bien, si como parece previsible no lo logran, podría trasladarse a Suiza, donde tales privilegios son más fáciles de obtener.
“At an ICANN meeting in Lisbon, the US Department of Homeland Security made it clear that it has requested the master key for the DNS root zone. The key will play an important role in the new DNSSec security extension, because it will make spoofing IP-addresses impossible. By forcing the IANA to hand out a copy of the master key, the US government will be the only institution that is able to spoof IP addresses and be able to break into computers connected to the Internet without much effort. There’s a further complication, of course, because even ‘if the IANA retains the key … the US government still reserves the right to oversee ICANN/IANA. If the keys are then handed over to ICANN/IANA, there would be even less of an incentive [for the U.S.] to give up this role as a monitor. As a result, the DHS’s demands will probably only heat up the debate about US dominance of the control of Internet resources.'”
“In what is perhaps a reaction to recent Homeland Security demands, a strategic report by ICANN suggests that it should take on the model of a private international organization (PDF). That would make ICANN immune from US law and regulations. However, it’s unlikely that the Bush administration would grant ICANN these privileges. So the organization might opt to relocate to Switzerland where such privileges are easier to attain.”
Department of Homeland and Security wants master key for DNS
The US Department of Homeland Security (DHS), which was created after the attacks on September 11, 2001 as a kind of overriding department, wants to have the key to sign the DNS root zone solidly in the hands of the US government. This ultimate master key would then allow authorities to track DNS Security Extensions (DNSSec) all the way back to the servers that represent the name system’s root zone on the Internet. The “key-signing key” signs the zone key, which is held by VeriSign. At the meeting of the Internet Corporation for Assigned Names and Numbers (ICANN) in Lisbon, Bernard Turcotte, president of the Canadian Internet Registration Authority (CIRA) drew everyone’s attention to this proposal as a representative of the national top-level domain registries (ccTLDs).
At the ICANN meeting, Turcotte said that the managers of country registries were concerned about this proposal. When contacted by heise online, Turcotte said that the national registries had informed their governmental representatives about the DHS’s plans. A representative of the EU Commission said that the matter is being discussed with EU member states. DNSSec is seen as a necessary measure to keep the growing number of manipulations on the net under control. The DHS is itself sponsoring a campaign to support the implementation of DNSSec. Three of the 13 operators currently work outside of the US, two of them in Europe. Lars-Johan Liman of the Swedish firm Autonomica, which operates the I root server, pointed out the possible political implications last year. Liman himself nomited ICANN as a possible candidate for the supervisory function.
The Internet Assigned Numbers Authority (IANA), which handles route management within the ICANN, could be entrusted with the task of keeping the keys. An ICANN/IANA solution would offer one benefit according to some experts: there would be no need to integrate yet another institution directly into operations. After all, something must be done quickly if there is a problem with the signature during operations. If the IANA retains the key, however, US authorities still have a political problem, for the US government still reserves the right to oversee ICANN/IANA. If the keys are then handed over to ICANN/IANA, there would be even less of an incentive to give up this role as a monitor. As a result, the DHS’s demands will probably only heat up the debate about US dominance of the control of Internet resources. (Monika Ermert) (Craig Morris) / (jk/c’t)