Our Online Safety is Protected by One “Stubborn Lady”
At the Internet Hall of Fame induction ceremony in August 2013, Anne-Marie Eklund Löwinder described herself as a “very, very stubborn lady,” and indeed it was stubbornness (others would call it persistence) that she believes facilitated her Hall of Fame accomplishment: guiding the implementation of the Domain Name System Security Extensions (DNSSEC). That protocol guards against scams, increases safeguards and detects attempts to impersonate legitimate websites, enabling Internet users to be sure we are visiting a secure site.
When the DNSSEC protocol was introduced in 1999, stubbornness was definitely needed, as its acceptance was far from assured. From 1987 to 1997, Eklund Löwinder says, “Sweden was stuck with X.25. That was a requirement of the Swedish government. No one was allowed to bring in IP.”
Eklund Löwinder earned her degree in Computer Science from the University of Stockholm, and well understood the superiority of the Internet Protocol. For a number of years, she had been working for a Swedish agency responsible for all government IT procurement. “I happened to meet some people, who were working with TCP/IP, and learned a lot about it from them,” she recalls. “So I soon realized that IP was far better.” And when DNSSEC was introduced in 1999, to help assure the validity of all the domains in the Internet’s Domain Name System (DNS), Eklund Löwinder had found her passion.
“I had to struggle for years to get the .SE board to understand the importance of DNSSEC. And even though they didn’t fully understand it, they did accept it, but I still had to fight to convince them every year to continue to fund the project. They said there was ‘no demand’ for DNSSEC, and it would add an unnecessary level of complexity to the system; you’d have to have procedures for re-signing, generating new keys, etc., every year. Key management was always a big issue. So, I had to keep pushing.”
In 2004 Eklund Löwinder was hired as Security Manager at .SE, Sweden’s Internet Infrastructure Foundation. She made sure that .SE became the world’s first top-level domain (TLD) to sign DNSSEC, in September 2005. Her next success was getting about 50 second-level domains to sign DNSSEC, mostly in Sweden and mainly friendly users who had to sign an agreement. The Swedish Defense Department was one of them.
She didn’t stop there: She then began marketing the protocol to a wider audience. She produced a news release touting DNSSEC’s benefits and met with Steve Crocker (the current chairman of ICANN) in Stockholm, to help to get the Swedish Post and Telecom Agency on board.
He did. “He provided good backup, meeting with us in Stockholm many times,” she says. And of course, her fellow Internet Hall of Famer carried a lot of weight in the Internet-development community.
Since that time, she has been traveling the world speaking at conferences and organizing training courses on DNSSEC for other TLDs to spur the development of its technology and its usage procedures. Together with two others she has also contributed to the community by writing a framework to assist writers of DNS Security Extensions (DNSSEC) Policies and DNSSEC Practice Statements, such as domain managers and zone operators on both the top level and secondary level, who are managing and operating a DNS zone with Security Extensions implemented, RFC 6841.
One obstacle for the implementation of DNSSEC is the lack of guidance for individual domain holders regarding which requirements should be defined in particular for small and medium-sized businesses. The most recent contribution to the community is a guide with recommendations for DNSSEC deployment, which is designed as an aid and tool for municipalities that have the intention to implement DNSSEC, but also applies to other types of organizations in both the public and private sectors.
Recently, in 2010, she was appointed by ICANN as a Crypto Officer for the Internet root zone; twice a year, she travels to Culpeper, Va., to participate in the intriguing ceremony where smartcards are used to generate the keys that control Root Zone security. And in early 2014 she traveled, as an observer, to Los Angeles, to participate at a similar ceremony on the West Coast, as well.
With a laugh, she told about her contribution to that event: “I vacuum-cleaned the ceremony-room,” she said. More seriously her aim was to compare the ceremony performance with the one on the East coast to find out if there were any notable differences.
Not everyone gets into the Internet Hall of Fame by being a super coder. At the university, Eklund Lowinder took a few courses in programming – and hated it.
“I promised myself to never, ever write another line of code,” she says, without any hint of regret. “And I kept that promise. For the work I’ve been doing, I didn’t need to be a programmer.”
All she needed was her natural-born gift for stubbornness.