April 2018 archive
The DNSSEC Deployment Initiative and the Internet Society Deploy360 Programme, in cooperation with the ICANN Security and Stability Advisory Committee (SSAC), are planning a DNSSEC Workshop during the ICANN62 meeting held from 25-28 June 2018 in Panama City, Panama.
If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to firstname.lastname@example.org by Friday, 4 May 2018
The DNSSEC Workshop has been a part of ICANN meetings for several years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. For reference, the most recent session was held at the ICANN Community Forum in San Juan, Puerto Rico on 14 March 2018. The presentations and transcripts are available at:
- Part 1: https://61.schedule.icann.org/meetings/647563
- Part 2: https://61.schedule.icann.org/meetings/647564
- Part 3: https://61.schedule.icann.org/meetings/647565
As this is the shorter “Policy Forum” format for ICANN meetings, the DNSSEC Workshop Program Committee is developing a 3-hour program. Proposals will be considered for the following topic areas and included if space permits. In addition, we welcome suggestions for additional topics either for inclusion in the ICANN62 workshop, or for consideration for future workshops
1. DNSSEC Activities Panel (Regional and global)
For this panel, we are seeking participation from those who have been involved in DNSSEC deployment in the region and also from those who have not deployed DNSSEC but who have a keen interest in the challenges and benefits of deployment, including Root Key Signing Key (KSK) Rollover activities. Now that DNSSEC has become an operational norm for many registries, registrars, and ISPs, questions of interest include:
- What have we learned about how we manage DNSSEC?
- What is the best practice around key rollovers?
- How often do you review your disaster recovery procedures?
- Is there operational familiarity within your customer support teams?
- What operational statistics have we gathered about DNSSEC?
- Are there experiences being documented in the form of best practices, or something similar, for transfer of signed zones?
If you have a specific concern about the Root Key Rollover, or believe you have a method or solution to help address impacts, we would like to hear from you.
2. DNSSEC Deployment Challenges
The program committee is seeking input from those that are interested in implementation of DNSSEC but have general or particular concerns with DNSSEC. In particular, we are seeking input from individuals that would be willing to participate in a panel that would discuss questions of the nature:
- Are there any policies directly or indirectly impeding your DNSSEC deployment? (RRR model, CDS/CDNSKEY automation)
- What are your most significant concerns with DNSSEC, e.g., complexity, training, implementation, operation or something else?
- What do you expect DNSSEC to do for you and what doesn’t it do?
- What do you see as the most important trade-offs with respect to doing or not doing DNSSEC?
We are interested in presentations related to any aspect of DNSSEC such as zone signing, DNS response validation, applications use of DNSSEC, registry/registrar DNSSEC activities, etc. In addition, we welcome suggestions for additional topics.
If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to email@example.com by **Friday, 4 May 2018**
The DNSSEC Workshop Program Committee:
Mark Elkins, DNS/ZACR
Ondrej Filip, CZ.NIC
Julie Hedlund, ICANN
Jean Robert Hountomey, AfricaCERT
Jacques Latour, .CA
Xiaodong Lee, Chinese Academy of Sciences (CAS)
Russ Mundy, Parsons
Kathy Schnitt, ICANN
Yoshiro Yoneya, JPRS
Dan York, Internet Society
The post Call for Participation – ICANN DNSSEC Workshop at ICANN62, Panama City appeared first on Internet Society.
Are you attending the RSA USA 2018 Conference this week in San Francisco? If so, please plan to join this panel session happening Tuesday, April 17, 2018, from 3:30 – 4:14pm (PDT):
IoT Trust by Design: Lessons Learned in Wearables and Smart Home Products
The world has awakened to the need for tighter security and privacy in consumer-grade IoT offerings. This panel will present a trust framework for IoT, and wearable and smart home experts will discuss top attack vectors, typical vulnerabilities in devices, apps and systems, common reasons for design compromise, the evolution of security and privacy in IoT and where it needs to go.
They will be discussing the OTA’s IoT Trust Framework, as well as some new mechanisms available to help enterprises understand the risks associated with IoT devices.
If you believe securing the Internet of Things is a critical step to having a secure Internet, please join Jeff and his panelists to learn more.
Unfortunately there appears to be no live stream available but they do seem to be recording many of the sessions. If Jeff’s session is recorded we will update this post and our event page with that information once the recording is published.
We will be posting updates to our blog and our RSA USA 2018 event page. You can follow our updates on Twitter at @InternetSociety. You can also follow the #RSAC hashtag on Twitter for updates about the overall conference.
The post At RSA USA 2018 in San Francisco this week? Join the IoT Security conversation on Tuesday, April 17 appeared first on Internet Society.
Do you believe ICANN should go ahead with the plan to roll the Root Key Signing Key (KSK) on 11 October 2018? If so (or if not), the deadline for public comment is TODAY, 2 April 2018, at 23:59 UTC. That’s about 9.5 hours from the time I’m publishing this post.
My colleague Kevin Meynell provided more info about this public comment process when it began in March. At the IETF 101 meeting in London, I spoke with ICANN staff who again stated that they would like to hear from many voices about whether they should go ahead with the Root KSK Rollover on 11 October 2018. It’s very simple to send in comments:
You can see the current list of comments at: https://mm.icann.org/pipermail/comments-ksk-rollover-restart-01feb18/2018q1/thread.html (All comments are public.)
I would encourage anyone interested to submit comments (even if they are simply “I support the plan.”).
Image credit: Bryce Barker on Unsplash
The post Deadline TODAY (23:59 UTC) to submit comments to ICANN on 2018 DNSSEC Root KSK Rollover Plan appeared first on Internet Society.