in conjunction with APRICOT 2013

DNSSEC Operations

When: Tuesday, 26 February 2013
Time: 14:00 - 15:30 (UTC +8)
Where: Island (Jurong)
Chair: Han Chuan Lee

Video / Transcripts

Videos and transcripts for this session will be added here soon.

DNSSEC DANE and Diginotar

Olaf Kolkman, NLnetLabs

We use the Diginotar debacle as an example of the problems that exist with Internet Public Key Infrastructure (PKI) technology and make the case for DANE/DNSSEC as one of the building blocks to improve security and trustworthiness of the PKI system.

0 MB% 0 MB% Slides16.8 MB
DNSSEC Deployment in Top Domains

Edward Lewis, Neustar

One year after first presenting observations of how DNSSEC is deployed in the upper zones of the DNS, observations based on an extra year's worth of data as well as lessons learned from discussing this with operators is presented. Following APRICOT 2012 this topic has been presented and discussed in arenas interested in DNSSEC options, in arenas interested in studying the impact of RFC documents on operations, and in arenas discovering gaps in the deployment.

0 MB% 0 MB% Slides717.8 KB
Measuring the use of DNSSEC

Geoff Huston, APNIC

This presentation describes an experiment that attempts to answer the question: "How many users in the Internet today are "protected" by DNSSEC?" The presentation describes the experimental setup, the experiment's results and some strange corner cases we observed in the process of DNSSEC validation by DNS resolvers.

0 MB% 0 MB% Slides1.2 MB