Update on the deployment status of two technologies aimed at enhancing regional security
A global survey prepared by researchers at the Freie Universitaet Berlin provided an unique opportunity to assess the deployment status of RPKI (Resource Certification) and DNSSEC (Domain Name System Security Extensions) in Latin America and the Caribbean.
This global initiative spanned all five RIR regions, and the LACNIC community submitted the largest number of responses with information on the deployment status of these security-enhancing technologies in our region.
The LACNIC region provided 43% of the responses analyzed in this research, which was developed with the goal of gaining a better understanding of RPKI and DNSSEC deployment worldwide.
According to Nicolas Fiumarelli of LACNIC’s Engineering Department, this initiative provided a better understanding of “why technologies such as RPKI or DNSSEC are being implemented or not” in our region.
What were the goals of the RPKI/DNSSEC survey?
The survey was the result of an initiative undertaken by Freie Universitaet Berlin researchers for the purpose of trying to achieve a better understanding of the status of global RPKI and DNSSEC deployment. Technical reasons are not always easy to find, so a survey was designed as a tool to gather a larger number of points of view as to why technologies such as RPKI or DNSSEC were being implemented or not. This survey was then sent to the entire community.
How would you rate the LACNIC community’s participation in this global initiative?
I think it was very positive. Those who are already deploying these technologies were able to share their experiences, while those who weren’t aware of RPKI and DNSSEC found out about these technologies, an important step towards achieving the desired level of regional deployment. It would be great if everyone who expressed an interest in these topics would either contact our staff or join us at our conferences so that we can offer them better support.
How would you rate the LACNIC community’s level of familiarity with these security- and stability-enhancing technologies?
The survey shows varying levels of familiarity within the community. Those who have already starting deploying RPKI and DNSSEC have done so to be part of a group of early adopters, while those who have not yet started working towards their deployment are waiting to see a larger number of deployment examples. Some also expressed reservations regarding the trust model proposed by RPKI, while others mentioned they had no knowledge of DNSSEC technology.