News

Join our tech webinar on DNS over HTTPS: How to upgrade existing DNS Resolver

2021-01-26 News

CENTR, the Council of European National Top-Level Domain Registries and eco, the Association of the Internet Industry are delighted to invite you to a joint public webinar on DNS over HTTPS. The webinar will take place on 9 February 2021 at 4pm CET.

Encrypted DNS via "DNS-over-HTTPS" and "DNS-over-TLS" (DoH and DoT) are important extensions of the DNS protocol. These new extensions have led to controversial discussions, but every operator of DNS resolver services should consider whether DoH and DoT could be sensibly offered for these services. In September 2020 eco published a discussion paper on this topic including recommendations for operators of DNS services. CENTR has also published an informative issue paper on DoH.

In this workshop we will demonstrate how the DNS Loadbalancer PowerDNS "dnsdist" can be used to extend any existing DNS resolver (BIND 9, Unbound, PowerDNS Recursor, Microsoft DNS etc.) with DoH and DoT. Existing DNS security mechanisms such as Response Policy Zones will be preserved.

Best practices for the operation of DNS resolvers with DoH and DoT (e.g. EDNS Client Subnet) will be discussed, and CENTR will present current practical implementation and research efforts from its current DoH Resolver project.

After the workshop participants will be familiar with the basics of DoH and DoT, and the implementation by means of "dnsdist".

Register to the webinar here

 

Agenda

16:00 pm CET

 

 

 

 

 

Welcome & Housekeeping

Amelia Andersdotter

Director of Strategic Initiatives, CENTR – Council of European National Top-Level Domain Registries

Lars Steffen

Director eco International, eco – Association of the Internet Industry

16:05 pm CET

 

 

Workshop

Carsten Strotmann

DNS Trainer, sys4 AG 

16:50 pm CET

 

 

  

Implementing DoH and DoT

Tomas Krizek 

Tomas is the implementor of DoH in Knot Resolver at CZNIC. He works on high performance benchmarking tool DNS Shotgun, which was developed by CZNIC specifically to test DoT and DoH protocols by simulating real client behavior.

17:20 pm CET

 

 

 

 

 

 

 

Questions & Answers

Carsten Strotmann

DNS Trainer, sys4 AG

Dr. Cynthia Wagner

Security Manager, Restena Foundation; Co-chair of the R&D Working Group, CENTR

Erwin Lansing

Head of Security & Chief Technologist, DK Hostmaster A/S; Co-chair of the R&D Working Group, CENTR

17:30 pm CET

End of workshop