Survey on the impact of software regulation on DNS systems
Robert Wagner
rwagner at tesla.net
Wed Jan 29 11:57:59 UTC 2025
This is not a good survey...
1.
The 2025 US Executive orders point to a dead links. Use the Federal Registrar link as it should be there long-term. 2025-01470.pdf<https://public-inspection.federalregister.gov/2025-01470.pdf> CISA Federal Register :: Improving the Nation's Cybersecurity<https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity>
[https://www.federalregister.gov/assets/open_graph_site_banner.png]<https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity>
Federal Register :: Improving the Nation's Cybersecurity<https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity>
This site displays a prototype of a “Web 2.0” version of the daily Federal Register. It is not an official legal edition of the Federal Register, and does not replace the official print version or the official electronic version on GPO’s govinfo.gov.
www.federalregister.gov
Federal Register on 01/17/2025 and available online at Nationality Act of 1952 (8 U.S.C. 1182(f)), and section 301 of https://federalregister.gov/d/2025-01470 EXECUTIVE ORDER U.S.C. 1601 et seq. 14144<https://public-inspection.federalregister.gov/2025-01470.pdf>
6 develop and publish a preliminary update to the SSDF. This update shall include practices, procedures, controls, and implementation examples regarding the
public-inspection.federalregister.gov
2.
How can one determine the impact of unknown regulations??
FYI - If the EU took it upon themselves to analyze every bit of software and provide a free rating - that may have one outcome. However, if everyone producing open- source software was required to pay some large sum to get their software tested (and face fines if they didn't), that would have a different outcome.
Regulations can be a carrot or stick approach.
Software can be buggy but still be very useful/helpful. Malicious software can be well written (no obvious bugs).
RW
________________________________
From: bind-users <bind-users-bounces at lists.isc.org> on behalf of Marc <Marc at f1-outsourcing.eu>
Sent: Tuesday, January 28, 2025 3:27 PM
To: Victoria Risk <vicky at isc.org>; BIND Users <bind-users at lists.isc.org>; 'CNECT-F3 at ec.europa.eu' <CNECT-F3 at ec.europa.eu>
Subject: RE: Survey on the impact of software regulation on DNS systems
This email originated from outside of TESLA
Do not click links or open attachments unless you recognize the sender and know the content is safe.
>
> Did you know that there is significant momentum building to regulate
> software, including open source, in at least Europe and the US (and
> possibly elsewhere as well), in order to improve cybersecurity? Do you
> think this regulation will improve cybersecurity for your operations?
> What are the opportunities and pitfalls you can envision?
>
>
What about regulating standards? What is the point of regulation open source, when companies like apple and microsoft sabotage third party software/connectivity by not implementing software according to standards. Their upgrades miraculously only break third parties implementations and not their own.
Think eg. of auto provisioning.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20250129/45b44138/attachment-0001.htm>
More information about the bind-users
mailing list