January 2015 archive
Jan 20
TDYR 215 – Reflections on Sri Lanka and the Road To Kandy
Jan 19
FIR #791 – 1/19/15 – For Immediate Release
Jan 19
FIR #791 – 1/19/15 – For Immediate Release
Jan 15
The Fundamental Tension Between Safety And Privacy (And The UK’s Proposed Encryption Ban)
How do we balance safety and privacy? In a speech this week, UK Prime Minister David Cameron suggested that the UK ought to ban any communications applications that can't be intercepted - and said that if his government is re-elected this will be a major part of his legislation. His key question was:
"In our country, do we want to allow a means of communication between people, which even in extremis with a signed warrant from the home secretary personally, that we cannot read?"
Jan 14
Over 600 Top-Level Domains Now Signed With DNSSEC
As I was entering in data for the weekly DNSSEC Deployment Maps, I was struck by the fact that we are now at the point where 615 of the 793 top-level domains (TLDs) are now signed with DNSSEC. You can see this easily at Rick Lamb’s DNSSEC statistics site:
This represents 77% of all current TLDs!
Now, granted, most of that amazing growth in the chart is because all of the “new generic TLDs” (newgTLDs) are required to be signed with DNSSEC, but we are still seeing solid growth around the world. If you look at the most recent DNSSEC Deployment Maps you can see that much of the world is being shown as “green” as more and more country-code Top Level Domains (ccTLDs) sign with DNSSEC:
Of course, having a TLD signed doesn’t mean that the second-level domains will be signed with DNSSEC. As various DNSSEC statistics sites will show, the percentage of signed second-level domains varies widely, from around 80% in .GOV down to tiny percentages in other TLDs.
BUT… the key point is that the first step in signing your domain is to be sure that your TLD is signed!
After the TLD has been signed, THEN steps can be taken to get more DNSSEC deployment happening underneath that TLD. Look at how successful Norway has been with .NO after they recently signed the domain!
With some of the work that is happening via various DNSSEC Workshops, ICANN’s DNSSEC training and other forums I know that we’ll see more and more of the TLDs being signed in the months ahead. The excuse that “TLDs are not signed with DNSSEC” can no longer be used as an excuse for NOT working with DNSSEC and DANE!
Great to see!
P.S. If you want to get started with DNSSEC, please visit our Start Here page to find resources to help you begin.
Jan 12
TDYR 213 – Heading to Sri Lanka to Talk about IPv6, DNSSEC, IETF and more…
Jan 12
In 5 Days, ION Sri Lanka Will Cover IPv6, DNSSEC, DANE, BGP, TLS, BCOP and more
Coming up in just over 5 days, our ION Sri Lanka event will take place in Kandy, Sri Lanka, on Sunday, January 18, 2015, beginning at 10:00 am India Standard Time (IST, UTC+5:30). As our agenda shows, we have an ambitious list of sessions covering pretty much all of the topics we cover here at Deploy360. Sessions include:
- Welcome from the Internet Society Sri Lanka Chapter, Prof. Gihan Dias (Internet Society Sri Lanka Chapter)
- Two Years After World IPv6 Launch: Are We There Yet?, Vivek Nigam (APNIC)
- Why Implement DNSSEC?, Jitender Kumar (Afilias)
- Deploying DNSSEC: A .LK Case Study, Sashika Suren (LK Domain Registry)
- DANE: The Future of Transport Layer Security (TLS), Dan York (Internet Society)
- Lock it Up: TLS for Network Operators, Chris Grundemann (Internet Society)
- What’s Happening at the IETF? Internet Standards and How to Get Involved, Dan York (Internet Society) and Thilini Rajakaruna (former IETF Fellow)
- Operators & the IETF, Chris Grundemann (Internet Society)
- Best Current Operational Practices – An Update, Jan Žorž (Internet Society)
- IPv6 Success Stories– Network Operators Tell All!, Asela Galappattige (Sri Lanka Telecom); Senevi Herath (LEARN); Matsuzaki Yoshinobu (IIJ)
We have an excellent set of speakers and are very much looking forward to this event!
REGISTRATION IS FREE! If you can get to the Amaya Hills Hotel in Kandy, Sri Lanka, there is no additional cost to attend ION Sri Lanka. You do need to register by filling out the SANOG registration form.
If you will not be able to get to the ION Sri Lanka location, we’ll be offering a live video stream / webcast of the event via YouTube Live events. Do note that all events happen on Sunday, January 18, starting at 10:00 am India Standard Time (IST). Given that this is UTC+5:30, the start of ION Sri Lanka may actually be in the late hours of Saturday, January 17, for people in the United States. Here are some examples:
- 10:00 am, Sunday, Jan 18 – IST, Kandy, Sri Lanka
- 5:30 am, Sunday, Jan 18 – CET, central Europe
- 4:30 am, Sunday, Jan 18 – UTC
- 11:30 pm, Saturday, Jan 17 – EST, east coast, USA
- 8:30 pm, Saturday, Jan 17 – PST, west coast, USA
You may find it helpful to use one of the time/date conversion tools to ensure your timing is correct. All the sessions will be recorded for later viewing and the slides will be available online as well.
To stay up-to-date about ION Sri Lanka you can also join:
If you are on Twitter, you can follow @Deploy360 and use hashtag #IONConf for all things ION!
We’re looking forward to seeing many people at the ION Sri Lanka event and joining in the other SANOG 25 activities happening there. If you are in Sri Lanka (or can get there), please do join us for ION Sri Lanka!
P.S. And if you want to get started today with IPv6, DNSSEC or other topics, please visit our Start Here page to begin – why wait for ION Sri Lanka? Why not start now?
Jan 12
FIR #790 – 1/12/15 – For Immediate Release
Jan 12