<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Anyone in Africa doing interesting work in DNSSEC or related
topics? Would you like to share with the community?<br>
</p>
<div class="moz-forward-container"><br>
-------- Forwarded Message --------
<table class="moz-email-headers-table" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Subject:
</th>
<td>[Dnssec-icann-workshops] Call for Participation -- ICANN
DNSSEC and Security Workshop at ICANN66, Montreal, Canada</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Date: </th>
<td>Tue, 10 Sep 2019 20:58:24 +0000</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">From: </th>
<td>Kathy Schnitt <a class="moz-txt-link-rfc2396E" href="mailto:kathy.schnitt@icann.org"><kathy.schnitt@icann.org></a></td>
</tr>
</tbody>
</table>
<br>
<br>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
line-height:115%;
font-size:11.0pt;
font-family:"Arial",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Call
for Participation -- ICANN DNSSEC and Security Workshop at
ICANN66, Montreal, Canada<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">The
ICANN Security and Stability Advisory Committee (SSAC) and
the Internet Society Deploy360 Programme are planning a
DNSSEC and Security Workshop during the ICANN66 meeting
held from 02-07 November 2019 in Montreal, Canada. The
original DNSSEC Workshop has been a part of ICANN meetings
for many years and has provided a forum for both experienced
and new people to meet, present and discuss current and
future DNSSEC deployments. The program committee added a new
focus on security to the workshop to address various
emerging security related issues such as DoT/DoH impacts and
potential abuses, impacts of RPKI deployments, BGP hijacking
and other Internet related routing issues.
<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"> <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">For
reference, the most recent session was held at the ICANN
Policy Forum in Marrakech, Morocco on 24 June 2019. The
presentations and transcripts are available at:
</span><span lang="EN"><a
href="https://65.schedule.icann.org/meetings/1058207"
moz-do-not-send="true"><span
style="font-family:"Calibri",sans-serif;color:#1155CC">https://65.schedule.icann.org/meetings/1058207</span></a></span><span
style="font-family:"Calibri",sans-serif" lang="EN">
and</span><span lang="EN"><a
href="https://65.schedule.icann.org/meetings/1058208"
moz-do-not-send="true"><span
style="font-family:"Calibri",sans-serif;color:windowtext;text-decoration:none"></span></a><a
href="https://65.schedule.icann.org/meetings/1058208"
moz-do-not-send="true"><span
style="font-family:"Calibri",sans-serif;color:#1155CC">https://65.schedule.icann.org/meetings/1058208</span></a></span><span
style="font-family:"Calibri",sans-serif" lang="EN">.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">
<o:p>
</o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">The
DNSSEC and Security Workshop Program Committee is developing
a 3-hour program. Proposals are sought for the following
topic areas:
<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">1.
Global DNSSEC Activities Panel<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">For
this panel, we are seeking participation from those who have
been involved in DNSSEC deployment as well as from those who
have not deployed DNSSEC but who have a keen interest in the
challenges and benefits of deployment, including Root Key
Signing Key (KSK) Rollover activities and plans.
<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"> <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">2.
DNSSEC Best Practice<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Now
that DNSSEC has become an operational norm for many
registries, registrars, and ISPs, what have we learned about
how we manage DNSSEC? Do you still submit/accept DS records
with Digest Type 1? What is the best practice around key
roll-overs? What about Algorithm roll-overs? Do you use and
support DNSKEY Algorithms 13-16? How often do you review
your disaster recovery procedures? Is there operational
familiarity within your customer support teams? What
operational statistics have we gathered about DNSSEC? Are
there experiences being documented in the form of best
practices, or something similar, for transfer of signed
zones? Activities and issues related to DNSSEC in the DNS
Root Zone are also desired.</span></p>
<p class="MsoNormal"><br>
<span style="font-family:"Calibri",sans-serif"
lang="EN"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">3.
DNSSEC Deployment Challenges<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">The
program committee is seeking input from those that are
interested in implementation of DNSSEC but have general or
particular concerns with DNSSEC. In particular, we are
seeking input from individuals that would be willing to
participate in a panel that would discuss questions of the
following nature:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
Are there any policies directly or indirectly impeding your
DNSSEC deployment? (RRR model, CDS/CDNSKEY automation)<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
What are your most significant concerns with DNSSEC, e.g.,
complexity, training, implementation, operation or something
else?<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
What do you expect DNSSEC to do for you and what doesn't it
do?<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
What do you see as the most important trade-offs with
respect to doing or not doing DNSSEC?</span></p>
<p class="MsoNormal"><br>
<span style="font-family:"Calibri",sans-serif"
lang="EN"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">4.
Security Panel
<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">New
to the workshop, the program committee is looking for
presentations on DNS and Routing topics that could impact
the security and/or stability of the internet. .<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
DoH and DoT implementation issues, challenges and
opportunities<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
RPKI adoption and implementation issues, challenges and
opportunities<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
BGP/routing/hijack issues, challenges and opportunities<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
MANRS implementation challenges and opportunities<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
Emerging threats that could impact (real or perceived) the
security and/or stability of the internet<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
Domain hacking/hijacking prevention, best practice and
techniques<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
Browser related security implementations
<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
DMARC Challenges, opportunities and Best Practices<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">-
BGP Flowspec challenges, opportunities and Best Practices<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">In
addition, we welcome suggestions for additional topics,
either for inclusion in the ICANN66 workshop, or for
consideration for future workshops.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">If
you are interested in participating, please send a brief
(1-2 sentence) description of your proposed presentation to
</span><span lang="EN"><a
href="mailto:dnssec-montreal@isoc.org"
moz-do-not-send="true"><span
style="font-family:"Calibri",sans-serif;color:#1155CC">dnssec-montreal@isoc.org</span></a></span><span
style="font-family:"Calibri",sans-serif" lang="EN">
<b><span style="color:red">by **Friday, 27 September 2019**<o:p></o:p></span></b></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Thank
you,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Andrew
and Kathy<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">On
behalf of the DNSSEC and Security Workshop Program
Committee:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Mark
Elkins, DNS/ZACR<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Jacques
Latour, .CA<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Russ
Mundy, Parsons<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Ondrej
Filip, CZ.NIC<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Yoshiro
Yoneya, JPRS<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Fred
Baker, ISC<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN">Dan
York, Internet Society<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"> <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"> <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"> <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif" lang="EN"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN"><o:p> </o:p></span></p>
</div>
</div>
<pre class="moz-signature" cols="72">--
Mark James ELKINS - Posix Systems - (South) Africa
<a class="moz-txt-link-abbreviated" href="mailto:mje@posix.co.za">mje@posix.co.za</a> Tel: +27.128070590 Cell: +27.826010496
For fast, reliable, low cost Internet in ZA: <a class="moz-txt-link-freetext" href="https://ftth.posix.co.za">https://ftth.posix.co.za</a>
</pre>
</body>
</html>