Presentation is loading. Please wait.

Presentation is loading. Please wait.

DNSSEC Tutorial: Status “Today”

Published byAlice Fowler Modified over 5 years ago

Similar presentations

Presentation on theme: "DNSSEC Tutorial: Status “Today”"— Presentation transcript:

1 DNSSEC Tutorial: Status “Today”
f Phil Regnauld Hervey Allen 15 June 2009 Papeete, French Polynesia

2 DNSSEC: Current Status
Who's signed their zones? .bg (Bulgaria) .br (Brazil) .com (“by 2011” according to Verisign) .cz (Czech Republic) .gov .museum .org (signed 2 June 2009) .pr (Puerto Rico) .se (Sweden) Serveral IDN-based TLDs

3 DNSSEC: Current Status cont.
Who's signed their zones? Anyone else? Lots of second-level domains (.org.br, etc.). Islands of trust. Their trust anchors are their TLD (if signed), else a DLV, other signed zone, etc...

4 DNSSEC: Current Status US Government NOI
The US Government's National Telecommunications and Information Administration (NTIA) asked for Public Comments Regarding the Deployment of DNSSEC (i.e. signing the root!): Press release went out 9 October 2008 with comments due by 24 November 2008. See the "NOI Supporting Material” section for the various DNSSEC proposals under consideration. Read the comments. Interesting and from many parties, including many “Internet and DNSSEC Celebrities”. By November 24, there were 55 comments (many very long) received. Was “under consideration” by the US Government.

5 DNSSEC: Signing the Root
3 June 2009: Press releases by ICANN and NIST stating that the U.S. Department of Commerce, ICANN and VeriSign agreed to work together to sign the root by the end of 2009: en.htm

6 DNSSEC Status Conclusion
Multiple methods currently available to use DNSSEC, but nothing is optimal until the root (.) is signed. TLDs can use IANA's ITAR. Second-Level domains can use their ccTLD, if signed, or ISC's DLV, or other trust anchors. Kaminsky exploit makes DNSSEC deployment inevitable... Critical...

Download ppt "DNSSEC Tutorial: Status “Today”"

Similar presentations

IANA Update LACNIC XV, Canún May 2011. Agenda 2 DNSSEC RZM automation NOI Business Excellence.

IANA Update LACNIC XV, Canún May Agenda 2 DNSSEC RZM automation NOI Business Excellence.
IDN TLD Variants Implementation Guideline draft-yao-dnsop-idntld-implementation-01.txt Yao Jiankang.

IDN TLD Variants Implementation Guideline draft-yao-dnsop-idntld-implementation-01.txt Yao Jiankang.
CcTLD Management, ICANN, and the Public Interest July 26, 2001.

CcTLD Management, ICANN, and the Public Interest July 26, 2001.
ICANN Update ARIN VIII Miami, USA 28 October, 2001 Andrew McLaughlin.

ICANN Update ARIN VIII Miami, USA 28 October, 2001 Andrew McLaughlin.
CcTLD Workshop - Jordon 26th -29th Nov, 2007 LIBYA Telecom & Technology GPTC General Post & Telecommunications company Husam Abolhol Adel Elfezani.

CcTLD Workshop - Jordon 26th -29th Nov, 2007 LIBYA Telecom & Technology GPTC General Post & Telecommunications company Husam Abolhol Adel Elfezani.
ICANN’s Preparedness for Signing the Root September 24, 2008 DNS OARC Meeting, Ottawa, CA

ICANN’s Preparedness for Signing the Root September 24, 2008 DNS OARC Meeting, Ottawa, CA
Internet Organizations: A study in political science Fred Baker Chair, ISOC Cisco Fellow.

Internet Organizations: A study in political science Fred Baker Chair, ISOC Cisco Fellow.
IANA Status Update ARIN XXVI meeting, Atlanta Barbara Roseman October 2010.

IANA Status Update ARIN XXVI meeting, Atlanta Barbara Roseman October 2010.
IANA Update APNIC 31, Hong Kong February 2011. Agenda 2 Addressing DNSSEC Root management Continuity Exercise Business Excellence.

IANA Update APNIC 31, Hong Kong February Agenda 2 Addressing DNSSEC Root management Continuity Exercise Business Excellence.
Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.

Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.
1 DNSSEC BoF Internet2 Member Meeting October 15th, 2008 Noon, Napoleon A2

1 DNSSEC BoF Internet2 Member Meeting October 15th, 2008 Noon, Napoleon A2
© Afilias Limitedwww.afilias.info SM Challenges of Deploying DNSSEC: Prepare your ccTLD with Secondary DNS services LACNIC Meeting May 2010 Presented by:

© Afilias Limitedwww.afilias.info SM Challenges of Deploying DNSSEC: Prepare your ccTLD with Secondary DNS services LACNIC Meeting May 2010 Presented by:
1 The State and Challenges of the DNSSEC Deployment Eric Osterweil Michael Ryan Dan Massey Lixia Zhang.

1 The State and Challenges of the DNSSEC Deployment Eric Osterweil Michael Ryan Dan Massey Lixia Zhang.
Inter-Root: A New Self-Governed Architecture for DNS Root Zone Resolution Binxing Fang Xiaohua Chen June,2015 1.

Inter-Root: A New Self-Governed Architecture for DNS Root Zone Resolution Binxing Fang Xiaohua Chen June,
DNS Security Extensions (DNSSEC) Ryan Dearing. Topics History What is DNS? DNS Stats Security DNSSEC DNSSEC Validation Deployment.

DNS Security Extensions (DNSSEC) Ryan Dearing. Topics History What is DNS? DNS Stats Security DNSSEC DNSSEC Validation Deployment.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
IANA Activities Update RIPE 68 Warsaw, Poland May 2014.

IANA Activities Update RIPE 68 Warsaw, Poland May 2014.
Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.

Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.
CSUF Chapter 6 1. Computer Networks: Domain Name System 2.

CSUF Chapter 6 1. Computer Networks: Domain Name System 2.
Security for the Internet’s Domain Name System DNSSEC Current State of Deployment Prepared for Internet2 BoF Amy Friedlander, Shinkuro, Inc. Based on a.

Security for the Internet’s Domain Name System DNSSEC Current State of Deployment Prepared for Internet2 BoF Amy Friedlander, Shinkuro, Inc. Based on a.

Similar presentations

Ads by Google