The DNSSEC Deployment Initiative, in cooperation with the ICANN Security and Stability Advisory Committee (SSAC), is planning a DNSSEC Workshop at the ICANN meeting in Prague, Czech Republic on 27 June 2012. The DNSSEC Workshop has been a part of ICANN meetings for several years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. For reference, the most recent session was held at the ICANN Costa Rica meeting on 14 March 2012. The presentations and transcripts of the presentations are available at http://costarica43.icann.org/node/29659.
We are seeking presentations on the following topics:
1. DNSSEC activities in Europe
This is a key panel and we are seeking participation from those who have been
involved in DNSSEC deployment in Europe as well as those who have a keen
interest in the challenges and benefits of deployment. Key questions are
to consider include: what would help to promote DNSSEC deployment? What
are the challenges you have faced when you deployed DNSSEC? Can DNSSEC
make the information users receive more reliable?
2. ISPs and Validation
ISPs are beginning to take the first step to full DNSSEC implementation
that will allow web users, with software applications like browsers, to
validate that the destination they are trying to reach is authentic and not a
spoofed website. We are seeking ISPs to participate in a panel discussion
or provide presentations on their DNSSEC deployment plans, challenges, and
benefits for users.
3. The realities of running DNSSEC
Now that DNSSEC has become an operational norm for many registries and
registrars, what have we learned about how we manage DNSSEC? What's best
practice around key rollovers? How often do you review your disaster recovery
procedures? Is there operational familiarity within your customer support
teams? Has DNSSEC made DNS more 'brittle' or is it just a run-of-the-mill
operational practice?
4. DNSSEC and Enterprise Activities
DNSSEC has always been seen as a huge benefit to organizations looking to
protect their identity and security on the Web. Large enterprises are an
obvious target for DNS hackers and DNSSEC provides an ideal solution to this
challenge. This session aims to look at the benefits and challenges of
deploying DNSSEC for major enterprises. Topics for discussion:
- What is the current status of DNSSEC deployment among enterprises?
- What plans do the major enterprises have for their DNSSEC roadmaps?
- What are the challenges to deployment for these organizations? Do they foresee raising awareness of DNSSEC with their customers?
5. When unexpected
DNSSEC events occur
What have we learned from some of the operational outages that we have seen
over the past 18 months? Are there lessons that we can pass on to those just
about to implement DNSSEC? How do you manage dissemination of information about
the outage? What have you learned about communications planning? Do you have a
route to ISPs and registrars? How do you liaise with your CERT community?
6. DNSSEC in the wild
What operational statistics have we gathered about DNSSEC? Is it changing DNS
patterns? How are our nameservers handling DNSSEC traffic? Is the volume as expected?
Have we seen anything unusual? Are there experiences being documented in
the form of best practices, or something similar, for transfer of signed zones?
7. DANE and other DNSSEC applications
Using DNSSEC as a means of authentication for http transactions is an exciting
development of DNSSEC. What is the progress of the DNS-Based Authentication of
Named Entities (DANE) initiative? (See http://datatracker.ietf.org/wg/dane/.) How soon could DANE become a deployable
reality and what will be the impact of such a deployment, e.g. impact on
traditional certification authorities (CAs)?
8. The Great DNSSEC Panel Quiz
Ever fancied pitting
your wits against your colleagues? Demonstrate your knowledge and
expertise in DNSSEC in our Great DNSSEC Panel Quiz. We are looking for
four or five people to join us in a light-hearted quiz.
In addition, we welcome suggestions for additional topics. If you are
interested in participating, please send a brief (1-2 sentence) description of
your proposed presentation. Here are the relevant deadlines:
10 May 2012 — Deadline to submit brief description of presentation
from interested participants
04 June 2012 — Deadline to submit presentation slides
Please respond to This email address is being protected from spambots. You need JavaScript enabled to view it. no later than 10 May 2012 as indicated above. We hope
that you can join us.
Thank you,
Julie Hedlund
On behalf of the DNSSEC Workshop Program Committee:
Luis Diego Espinoza, NIC .cr
Steve Crocker, Shinkuro
Simon McCalla, Director of IT, Nominet UK
Russ Mundy, Cobham
Ondřej Surý, NIC.cz
Lance Wolak, Vice
President, Marketing & Sales, .ORG, The Public Interest Registry
--
Ondřej Surý --
Chief Science Officer
-------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Americka 23, 120 00 Praha 2, Czech Republic
This email address is being protected from spambots. You need JavaScript enabled to view it.
http://nic.cz/
tel:+420.222745110
fax:+420.222745112
-------------------------------------------