via Government Computer News
More than 18 months after the deadline, the deployment of security protocols on .gov domains apparently has stalled at around 50 percent, government officials said.
“We were at 50 percent last year, we were at 50 percent this year,” Lee Ellis, the .gov program manager for the General Services Administration, said at the FOSE conference in Washington July 20. “Fifty percent DNSSEC signed zones is unacceptable.”
There are a variety of technical, financial and organizational barriers to completing DNSSEC deployment, Ellis said, but one of the greatest sticking points might be “orphan websites” – outdated or abandoned sites that have been forgotten by their owners.
A recently announced program to clean up the executive branch’s .gov space and consolidate websites could help to improve the DNSSEC percentages, said Andy Ozment, the White House National Security Council’s director for federal information security policy.
“I believe that many domains that are not signed are domains that their owners don’t know about,” Ozment said.