The Internet is slowly beginning to adopt the new DNSSEC domain names standard, but significant challenges remain. That was the main takeaway from a four-hour workshop on the technology held during the recent ICANN 41 public meeting in Singapore, which heard from many domain registries, registrars and other infrastructure providers.

I recently wrote about the encouraging level of DNSSEC adoption among top-level domain name registries, and noted that adoption at the second level and in applications is an important next step for adding more security to the DNS. The root and approximately 20 percent of the top level domains are now signed; it is time for registrars and recursive DNS servers operated by the ISPs to occupy center stage.

Less than nine months after the DNS root was signed, the rollout of DNSSEC across the Internet's top-level domains is approaching the tipping point.

DNSSEC is being rolled out quickly in top-level domain registries around the world, but there's still some way to go to encourage other Internet stakeholders to adopt the new security technology. That was one of the key takeaways from a day-long, comprehensive session on Domain Name System Security Extensions implementation worldwide, held during ICANN's public meeting in Cartagena, Colombia, last week.

Yesterday, the National Telecommunications and Information Administration of the U.S. government hosted a workshop discussing the state of IPv6 in the United States and its impact on industry, government, and the Internet economy.   I was asked to be a panelist, along with industry executives from ARIN, ISOC, ICANN, Comcast, Akamai, Verizon, Google, VeriSign, DOE, NIST, and DREN.

If the rise of phishing has taught us anything, it's that on the Internet, if a digital asset has value, there's somebody out there who wants to steal it. Whether it's a bank account password, a credit card number, a PayPal login, or even a magic sword in an online game, there's a fraudster somewhere trying to misappropriate it for his or her own nefarious purposes.

Domain names have always been a target for such criminals. Companies and individuals doing business online have few assets more valuable than their domain name. It may cost $10 or less to register one, but the domain name is the glue that connects a company to its customers; revenue and brand equity depend upon its security.

July 15, 2010 (yesterday) marked the end of the beginning for DNSSEC , as the DNS root was cryptographically signed. For nearly two decades, security researchers, academics and Internet leaders have worked to develop and deploy Domain Name System Security Extensions (DNSSEC). DNSSEC was developed to improve the overall security of the DNS, a need which was dramatized by the discovery of the Kaminsky bug a few years ago.

What were you doing this week back in 1985? Answer: Probably watching the debut of Back to the Future, a early Steven Spielberg movie which incorporated novel uses of technology to travel in time. During that same time in 1985, however, another innovative use of technology was also making its debut—one with much greater implications for improving our lives on a global scale.

Attendees at the public ICANN meeting in Brussels today heard from over two dozen companies that have implemented or are planning to support DNSSEC, the next-generation standard protocol for secured domain names. It is clearer than ever before that DNSSEC is becoming a reality.

The deployment of Domain Security Extensions (DNSSEC) has crossed another milestone this month with the publication of DURZ (deliberately unvalidatable root zone) in all DNS root servers on 5 May 2010.

While this change was virtually invisible to most Internet users, this event and the remaining testing that will occur over these next two months will dictate the ultimate success of DNSSEC deployment across the Internet.