Archive for category Uncategorized
ICANN Nairobi DNSSEC workshop now available online
Posted by Denise Graveline in Uncategorized on March 10, 2010
Today’s DNSSEC Workshop at the ICANN Nairobi meeting is now available online, with presentations and transcripts. The meeting also included live options for remote participants, which are now closed.
.uk now DNSSEC signed
Posted by Denise Graveline in Uncategorized on March 8, 2010
In this post on Twitter, Nominet IT director Simon McCalla announces that .uk is now signed.
Updated program on DNSSEC at FOSE
Posted by Denise Graveline in Uncategorized on March 5, 2010
We’ve updated the program for the daylong session “What’s Next in DNSSEC” at the FOSE conference and expo, coming up later in March. Go here to see the current roster of speakers and topics on DNSSEC deployment in the federal government, state government, public-private systems, commercial networks and more.
Whither DNSCurve? Vixie answers.
Posted by Denise Graveline in Uncategorized on March 5, 2010
Over at the Internet Systems Consortium blog, Paul Vixie has offered this post, Whither DNSCurve? to answer the question he frequently gets: “what is DNSCurve and what’s ISC’s position on it given our long involvement in DNSSEC?” He concludes with this summation:
I want provably correct DNS content to be universally available. Not just for me but for the entire population of the Internet. I want to stamp out all forms of DNS intermediation whether by recursive nameserver operators or nation-states or hackers. Because DNSSEC can do this, ISC has invested a lot of time and money over the last dozen years helping to develop DNSSEC. Because DNSCurve does not do this, and because the problems DNSCurve actually does solve are pretty well solved by UDP source port randomization and will be entirely eradicated by DNSSEC, ISC is not investing in DNSCurve at all.
HOMEGATE workshop set for April 20-21 in London
Posted by Denise Graveline in Uncategorized on March 2, 2010
HOMEGATE, the Broadband Home Gateway birds-of-a-feather group (BoF) formed at the 76th IETF meeting, will hold a workshop in London April 20-21, and is asking would-be participants to indicate their likely attendance here so that arrangements can be made for a venue. Remote options for participating are promised, so the early RSVP applies to those intending to attend in person.
The group focuses on access to broadband Internet services, which use networking technology in the home, small office/home office (SOHO) or small to medium business (SMB). The group’s draft charter has been focused and coordinated with other Standards Development Organizations “to ensure that the planned work is complimentary and not overlapping with their respective work.”
The effort’s wiki notes:
….many serious, long-term problems face users of home gateways today. At the root of many of these problems is the fact that device manufacturers, and/or the organizations that specify requirements for such devices, are not certain which IETF standards and best current practices should be supported, and when/why that support is needed. As a result of this, millions of devices are being deployed every year, which do not work with important IETF protocols, standards, and best practices that are central to the future of the Internet.
DNSSEC is among the IETF standards to be included in the group’s deliberations. Sign up here for the group’s mailing list for further announcements.
Signing of .uk begins
Posted by Denise Graveline in Uncategorized on March 1, 2010
Nominet has begun signing the .uk country code top-level domain this week, a process expected to conclude March 8. According to the article in PC Advisor, “Nominet will begin signing ‘.co.uk’ – comprising more than 8 million websites – later this year, working with any entity that operates a nameserver, as their software will have to be upgraded for DNSSEC.”
Comcast to deploy DNSSEC by 1st quarter 2011
Posted by Denise Graveline in Uncategorized on February 23, 2010
After two years of testing DNSSEC, Comcast — the largest provider of cable services in the U.S., with 23.6 million cable customers, 15.9 million high-speed Internet customers and 7.6 million voice customers — announced it is starting a trial today and plans to implement DNSSEC by the first quarter of 2011 or sooner. In a blog post, Comcast noted:
We plan to implement DNSSEC for the websites we manage, such as comcast.com, comcast.net and xfinity.com, by the first quarter of 2011, if not sooner. By the end of 2011, we plan to implement DNSSEC validation for all of our customers….If you don’t want to wait until 2011, you can participate in our DNSSEC customer trial, which starts today. Opt-in by changing your DNS server IP addresses to 75.75.75.75 and 75.75.76.76 (we’ll be adding IPv6 addresses soon). The servers supporting this are deployed nationally in the same locations as our other DNS servers that millions of customers use everyday.
You can find FAQs on the Comcast trial here.
Free registration available for FOSE, DNSSEC session
Posted by Denise Graveline in Uncategorized on February 14, 2010
FOSE, the federal information technology conference and expo, offers free registration to federal employees and military personnel. Don’t fit into those categories? The DNSSEC Deployment Coordination Initiative can offer you free registration at this special link.
You can see the full program for the March 24 daylong session “What’s Next in DNSSEC,” sponsored by the Initiative, here. Featured will be updates on U.S. federal government DNSSEC deployment and next steps; state, municipal and public-private network deployment; perspectives on DNSSEC in the commercial, educational and nonprofit sector domains; and lessons learned from deployment across the federal system. The program is free but requires pre-registration.
Internet 2 Joint Techs meeting features campus DNSSEC
Posted by Denise Graveline in Uncategorized on February 9, 2010
Shumon Huque of the University of Pennsylvania reports that the winter ESCC/Internet 2 Joint Techs meeting featured these talks focused on DNSSEC deployment:
- In a talk on the .EDU DNSSEC testbed, Huque and Larry Blunk of Merit Network reviewed DNSSEC plans and features for the .EDU top-level domain, managed by Educause; results of the domain’s DNSSEC testbed conducted by VeriSign and Educause; and how .EDU domain holders will interact with the DNSSEC enabled .EDU registration system.
- Michael Sinatra of the University of California, Berkeley, discussed DNSSEC on Campus, focusing on “real-world experience” based on UC Berkeley’s work signing zones and validating those of others, and participating in a DNSSEC testbed.
- The DNSSEC Rollout Experiences at U.S. Department of Energy National Labs panel included representatives from the Ames Laboratory; the Argonne, Brookhaven and Oak Ridge National Laboratories; and the Energy Sciences Network (ES.net), discussing DNSSEC deployment at national labs in the wake of U.S. federal government requirements.
The meeting took place in Salt Lake City, Utah, January 31-February 2.
RIPE Labs measures DNS transfer size
Posted by Denise Graveline in Uncategorized on February 8, 2010
RIPE Labs has reported the initial results from an effort to measure DNS transfer size, to determine whether larger DNSSEC responses would pose problems once the K-root begins to provide DNSSEC responses to requesting resolvers, and whether the larger responses would reach the resolvers. From the article: “The good news is that the vast majority of measurements yield transfer sizes that will fit current DNSSEC answers from root name servers,” although “some resolvers that could experience time-outs and delays due to misconfigurations and middleware.”
-
You are currently browsing the archives for the Uncategorized category.
Sponsored By
Recent Comments