Here are five issues related to Internet infrastructure that Locke will need to address as soon as he takes office:

1. Signing the DNS Root Zone

The Internet engineering community is waiting for the U.S. Commerce Department to approve deployment of DNS Security Extensions (DNSSEC) on the root zone.

DNSSEC prevents hackers from hijacking Web traffic and redirecting it to bogus sites. The Internet standard prevents so-called cache poisoning attacks by allowing Web sites to verify their domain names and corresponding IP addresses using digital signatures and public-key encryption. DNSSEC is viewed as the best way to bolster the DNS against vulnerabilities such as the discovered last summer.

Only Commerce has authority to deploy DNSSEC across the 13 server clusters that carry the DNS root zone data, which is at the pinnacle of the DNS hierarchy. These server clusters resolve requests from the top-level domains, which in turn handle DNS queries for names registered in those domains.