Jakob Schlyter has more than 15 years of professional experience behind him, and has been active as a consultant since 1996. He has extensive knowledge in areas such as software development, systems- and protocol design. Knowledge and experience that he applies in research and development projects as well as when performing in-depth security analysis of critical system components. Current assignments primarily includes expert consulting regarding network and IT security – in Sweden as well as internationally. Among Jakob’s more specific areas of expertise one can find DNSSEC and applied cryptography, and he is a frequent and popular speaker within these areas.
Working with DNSSEC since 1999, he has played an important part in standardization and deployment. He was responsible for the original design and implementation when .SE was signed in 2006 and is a recognized member of the joint ICANN/VeriSign Root DNSSEC Design Team (http://www.root-dnssec.org/). Jakob is well established within organizations such as IETF (Internet Engineering Task Force) and RIPE (Réseaux IP Européens), and is the author of several Internet standards and specifications (IETF RFC). He is also one of the principals and active developers behind OpenDNSSEC.
Except where otherwise noted, all postings by Jakob Schlyter on CircleID are licensed under a Creative Commons License.
The recent attack on the Comodo Certification Authority has not only shown how vulnerable the current public key infrastructure is, but also that the protocols (e.g., OSCP) used to mitigate these vulnerabilities once exploited, are not in use, not implemented correctly or not even implemented at all. Is this the beginning of the death of the PKI dragons and what alternatives do we have? more
With DNSSEC for the root zone going into production in a couple of weeks, it is now possible for Top Level Domain (TLD) managers to submit their Delegation Signer (DS) information to IANA. But what does this really mean for a TLD? In this post we're going to try to sort that out. more