From mje at posix.co.za Thu Sep 12 07:23:14 2019 From: mje at posix.co.za (Mark Elkins) Date: Thu, 12 Sep 2019 09:23:14 +0200 Subject: [Community-Discuss] Call for Participation -- ICANN DNSSEC and Security Workshop at ICANN66, Montreal, Canada In-Reply-To: <71A663E4-4886-49BB-97D2-47B6BB983D7D@icann.org> References: <71A663E4-4886-49BB-97D2-47B6BB983D7D@icann.org> Message-ID: <8f483a8f-a8bf-98e6-10d5-0e2b2623d37a@posix.co.za> Anyone in Africa doing interesting work in DNSSEC or related topics? Would you like to share with the community? -------- Forwarded Message -------- Subject: [Dnssec-icann-workshops] Call for Participation -- ICANN DNSSEC and Security Workshop at ICANN66, Montreal, Canada Date: Tue, 10 Sep 2019 20:58:24 +0000 From: Kathy Schnitt Call for Participation -- ICANN DNSSEC and Security Workshop at ICANN66, Montreal, Canada The ICANN Security and Stability Advisory Committee (SSAC) and the Internet Society Deploy360 Programme are planning a DNSSEC? and Security Workshop during the ICANN66 meeting held from 02-07 November 2019 in Montreal, Canada.? The original DNSSEC Workshop has been a part of ICANN meetings for many years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. The program committee added a new focus on security to the workshop to address various emerging security related issues such as DoT/DoH impacts and potential abuses, impacts of RPKI deployments, BGP hijacking and other Internet related routing issues. For reference, the most recent session was held at the ICANN Policy Forum in Marrakech, Morocco on 24 June 2019. The presentations and transcripts are available at: https://65.schedule.icann.org/meetings/1058207andhttps://65.schedule.icann.org/meetings/1058208. The DNSSEC and Security Workshop Program Committee is developing a 3-hour program.? Proposals are sought for the following topic areas: 1. Global DNSSEC Activities Panel For this panel, we are seeking participation from those who have been involved in DNSSEC deployment as well as from those who have not deployed DNSSEC but who have a keen interest in the challenges and benefits of deployment, including Root Key Signing Key (KSK) Rollover activities and plans. 2. DNSSEC Best Practice Now that DNSSEC has become an operational norm for many registries, registrars, and ISPs, what have we learned about how we manage DNSSEC?? Do you still submit/accept DS records with Digest Type 1? What is the best practice around key roll-overs?? What about Algorithm roll-overs? Do you use and support DNSKEY Algorithms 13-16? How often do you review your disaster recovery procedures? Is there operational familiarity within your customer support teams? What operational statistics have we gathered about DNSSEC? Are there experiences being documented in the form of best practices, or something similar, for transfer of signed zones?? Activities and issues related to DNSSEC in the DNS Root Zone are also desired. 3. DNSSEC Deployment Challenges The program committee is seeking input from those that are interested in implementation of DNSSEC but have general or particular concerns with DNSSEC.? In particular, we are seeking input from individuals that would be willing to participate in a panel that would discuss questions of the following nature: - Are there any policies directly or indirectly impeding your DNSSEC deployment? (RRR model, CDS/CDNSKEY automation) - What are your most significant concerns with DNSSEC, e.g., complexity, training, implementation, operation or something else? - What do you expect DNSSEC to do for you and what doesn't it do? - What do you see as the most important trade-offs with respect to doing or not doing DNSSEC? 4. Security Panel New to the workshop, the program committee is looking for presentations on DNS and Routing topics that could impact the security and/or stability of the internet. . - DoH and DoT implementation issues, challenges and opportunities - RPKI adoption and implementation? issues, challenges and opportunities - BGP/routing/hijack issues, challenges and opportunities - MANRS implementation challenges and opportunities - Emerging threats that could impact (real or perceived)? the security and/or stability of the internet - Domain hacking/hijacking prevention, best practice and techniques - Browser related security implementations - DMARC Challenges, opportunities and Best Practices - BGP Flowspec challenges, opportunities and Best Practices In addition, we welcome suggestions for additional topics, either for inclusion in the ICANN66 workshop, or for consideration for future workshops. If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to dnssec-montreal at isoc.org *by **Friday, 27 September 2019*** Thank you, Andrew and Kathy On behalf of the DNSSEC and Security Workshop Program Committee: Mark Elkins, DNS/ZACR Jacques Latour, .CA Russ Mundy, Parsons Ondrej Filip, CZ.NIC Yoshiro Yoneya, JPRS Fred Baker, ISC Dan York, Internet Society -- Mark James ELKINS - Posix Systems - (South) Africa mje at posix.co.za Tel: +27.128070590 Cell: +27.826010496 For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- _______________________________________________ Dnssec-icann-workshops mailing list Dnssec-icann-workshops at elists.isoc.org https://elists.isoc.org/mailman/listinfo/dnssec-icann-workshops View the Internet Society Code of Conduct: https://www.internetsociety.org/become-a-member/code-of-conduct/ From wdelnour at gmail.com Thu Sep 12 07:33:06 2019 From: wdelnour at gmail.com (Mohd E Hafez) Date: Thu, 12 Sep 2019 15:33:06 +0800 Subject: [Community-Discuss] Call for Participation -- ICANN DNSSEC and Security Workshop at ICANN66, Montreal, Canada In-Reply-To: <8f483a8f-a8bf-98e6-10d5-0e2b2623d37a@posix.co.za> References: <71A663E4-4886-49BB-97D2-47B6BB983D7D@icann.org> <8f483a8f-a8bf-98e6-10d5-0e2b2623d37a@posix.co.za> Message-ID: <76178c20-41b3-6202-1538-e82b7bf2a6f1@gmail.com> hi kindly find our work on DNSSEC for (.SD) https://www.internetsociety.org/blog/2018/12/in-khartoum-a-dnssec-deployathon/ best! hafez On 9/12/19 3:23 PM, Mark Elkins wrote: > > Anyone in Africa doing interesting work in DNSSEC or related topics? > Would you like to share with the community? > > > -------- Forwarded Message -------- > Subject: [Dnssec-icann-workshops] Call for Participation -- ICANN > DNSSEC and Security Workshop at ICANN66, Montreal, Canada > Date: Tue, 10 Sep 2019 20:58:24 +0000 > From: Kathy Schnitt > > > > Call for Participation -- ICANN DNSSEC and Security Workshop at > ICANN66, Montreal, Canada > > The ICANN Security and Stability Advisory Committee (SSAC) and the > Internet Society Deploy360 Programme are planning a DNSSEC? and > Security Workshop during the ICANN66 meeting held from 02-07 November > 2019 in Montreal, Canada.? The original DNSSEC Workshop has been a > part of ICANN meetings for many years and has provided a forum for > both experienced and new people to meet, present and discuss current > and future DNSSEC deployments. The program committee added a new focus > on security to the workshop to address various emerging security > related issues such as DoT/DoH impacts and potential abuses, impacts > of RPKI deployments, BGP hijacking and other Internet related routing > issues. > > For reference, the most recent session was held at the ICANN Policy > Forum in Marrakech, Morocco on 24 June 2019. The presentations and > transcripts are available at: > https://65.schedule.icann.org/meetings/1058207andhttps://65.schedule.icann.org/meetings/1058208. > > The DNSSEC and Security Workshop Program Committee is developing a > 3-hour program.? Proposals are sought for the following topic areas: > > 1.? Global DNSSEC Activities Panel > > For this panel, we are seeking participation from those who have been > involved in DNSSEC deployment as well as from those who have not > deployed DNSSEC but who have a keen interest in the challenges and > benefits of deployment, including Root Key Signing Key (KSK) Rollover > activities and plans. > > 2. DNSSEC Best Practice > > Now that DNSSEC has become an operational norm for many registries, > registrars, and ISPs, what have we learned about how we manage > DNSSEC?? Do you still submit/accept DS records with Digest Type 1? > What is the best practice around key roll-overs?? What about Algorithm > roll-overs? Do you use and support DNSKEY Algorithms 13-16? How often > do you review your disaster recovery procedures? Is there operational > familiarity within your customer support teams? What operational > statistics have we gathered about DNSSEC? Are there experiences being > documented in the form of best practices, or something similar, for > transfer of signed zones?? Activities and issues related to DNSSEC in > the DNS Root Zone are also desired. > > > 3. DNSSEC Deployment Challenges > > The program committee is seeking input from those that are interested > in implementation of DNSSEC but have general or particular concerns > with DNSSEC.? In particular, we are seeking input from individuals > that would be willing to participate in a panel that would discuss > questions of the following nature: > > - Are there any policies directly or indirectly impeding your DNSSEC > deployment? (RRR model, CDS/CDNSKEY automation) > > - What are your most significant concerns with DNSSEC, e.g., > complexity, training, implementation, operation or something else? > > - What do you expect DNSSEC to do for you and what doesn't it do? > > - What do you see as the most important trade-offs with respect to > doing or not doing DNSSEC? > > > 4. Security Panel > > New to the workshop, the program committee is looking for > presentations on DNS and Routing topics that could impact the security > and/or stability of the internet. . > > - DoH and DoT implementation issues, challenges and opportunities > > - RPKI adoption and implementation? issues, challenges and opportunities > > - BGP/routing/hijack issues, challenges and opportunities > > - MANRS implementation challenges and opportunities > > - Emerging threats that could impact (real or perceived)? the security > and/or stability of the internet > > - Domain hacking/hijacking prevention, best practice and techniques > > - Browser related security implementations > > - DMARC Challenges, opportunities and Best Practices > > - BGP Flowspec challenges, opportunities and Best Practices > > In addition, we welcome suggestions for additional topics, either for > inclusion in the ICANN66 workshop, or for consideration for future > workshops. > > If you are interested in participating, please send a brief (1-2 > sentence) description of your proposed presentation to > dnssec-montreal at isoc.org *by > **Friday, 27 September 2019*** > > Thank you, > > Andrew and Kathy > > On behalf of the DNSSEC and Security Workshop Program Committee: > > Mark Elkins, DNS/ZACR > > Jacques Latour, .CA > > Russ Mundy, Parsons > > Ondrej Filip, CZ.NIC > > Yoshiro Yoneya, JPRS > > Fred Baker, ISC > > Dan York, Internet Society > > -- > Mark James ELKINS - Posix Systems - (South) Africa > mje at posix.co.za Tel: +27.128070590 Cell: +27.826010496 > For fast, reliable, low cost Internet in ZA:https://ftth.posix.co.za > > _______________________________________________ > Community-Discuss mailing list > Community-Discuss at afrinic.net > https://lists.afrinic.net/mailman/listinfo/community-discuss -- Mohd Elnour Abdelhafez Information Security Team lead ISOC Sudan Chapter (ccTLD) m.hafez at isoc.sd, skype: wdelnour +60 162 570816 +249 122722690 -------------- next part -------------- An HTML attachment was scrubbed... URL: