Personal tools
You are here: Home Workstream Reports Securing the DNS

Securing the DNS

(Links to Strategy 3: Technical Development and Innovation)

Sponsor: Michael Wallmannsberger

Staff Support: Campbell Gardiner

Status: Active Smiley Smiley  


For research and deployment of new technologies that improve the security and stability of the .nz domain name system. Examples include DNS Sec, IP Sec, Certification Authority or a CERT for NZ. The funding is required to provide research, high level policy development and stakeholder consensus-seeking on relevant issues.


$5,000 in 2009/10.

Overall Progress Summary:

Establishment of an NZCERT is in the policy development phase. Contractor Liverton has completed a Certificate Authority scoping report and a CA 'strawman' document.

Activities Planned for next month:

  • Continue NZITF participation.


May 2009

  • Attended NZ-ITF conference.

April 2009:

  • BTF name change to NZITF (New Zealand Internet Taskforce).

March 2009:

November 2008:

  • Attended Botnet Taskforce meeting.
September - October 2008:
  • Hosted NZCERT workshop, with key stakeholders from Government and industry in attendance. Discussed CERT models worldwide, and their applicability to an NZ model.
  • Finalized NZCERT workshop notes.

July 2008:

  • Received stakeholder input and followed up with the SSC asking for a copy of a CERT report they had prepared earlier. 

June 2008:

  • Refined RFP.
  • Contacted some key stakeholders for further input.

May 2008:

  • Drafted an NZCERT Request for Proposal (RFP) document and sent to Exe Dir for review.

April 2008:

  • Followed up with technical experts on Murray's CERT strawman. Tabled NZCERT for discussion at next Tech-Pol meeting re: next steps.

March 2008:

  • CERT strawman presented to a selected group of technical experts for further input.

January - February 2008:

  • CERT strawman/proposal received from Brendan Murray.
  • Advised Tech-Pol of existence of NZCERT-tf mailing list. Some mailing list activity.

July - December 2007:

  • Tech-Pol discussed two options for moving forward: Option one: engage a contractor to produce an initial scoping document (with a larger scoping exercise to be conducted later). Option two: engage a security expert to produce a more substantial report.

  • A range of potential security 'experts' that could produce a scoping  report were discussed, including Colin Jackson.

  • Drafted an NZCERT Terms of Reference; to be approved by Tech-Pol Committee. 
  • Tech-Pol Committee discussed NZCERT at its 18 October meeting.
  • Met again with the SSC, who believe there is a need for detailed scoping, which could be approached jointly by themselves and InternetNZ.
  • Met CCIP, SSC and spoke with AusCERT. Note: SSC advises it is investigating setting up an NZCERT. 
  • Drafted an issues document based on the above discussions, and published to NZCERT mailing list for consideration.  

January - June 2007:

  • Ongoing discussions with potential contractor for scoping.
  • Proposal for scoping received from potential contractor.
  • Discussions with two potential contractors for scoping exercise.

September -  December 2006:

  • Contact with CCIP re: RSS feed.
  • B. Murray liasing with P. Macaulay, F. March re: MED involvement and interest.
  • Discussions on future direction with Exe Dir.

June - August 2006:

  • Website design completed and site installed.
  • Website design work described and delivered.

  • Website functionality developed (including wiki).

April - May 2006:

  • Registered domain name
  • Beta website functionality of Wiki and discussion board further configured.

February - March 2006:

  • Met with CCIP to discuss their role in security activities generally
  • Approached CCIP for RSS feed for INZ use/presentation
  • Beta website functionality of Wiki and discussion board
  • Set up two email lists for NZCERT activities.


  • Task force set up to investigate the setting up of a NZCERT.
Document Actions