Archive for category Uncategorized
Educause factsheet highlights DNSSEC
Posted by Denise Graveline in Adoption, DNSSEC, Technical guides, Uncategorized on January 15, 2010
Educause has just published a two-page factsheet on 7 things you should know about DNSSEC, aimed at college and university information technology officials. Noting that “DNSSEC can be an important part of a broad-based cybersecurity strategy,” the fact sheet explains that security has special implications for institutions of higher education:
Colleges and universities are expected to be “good Internet citizens” and to lead by example in efforts to improve the public good. Because users tend to trust certain domains, including the .edu domain, more than others, expectations for the reliability of college and university websites are high. To the extent that institutions of higher education depend on their reputations, DNSSEC is an avenue to avoid some of the kinds of incidents that can damage a university’s stature.
Program set for DNSSEC session at FOSE
Posted by Denise Graveline in Uncategorized on January 14, 2010
The program is now available for the DNSSEC Deployment Coordination Initiative’s special session at the FOSE conference and exhibition. “What’s Next in DNSSEC: Securing the Domain Name System,” will take place on Wednesday, March 24, 2010, from 10:00 a.m. to 4:30 p.m. The conference attracts U.S. government information technology professionals in Washington, D.C. In addition to the session, the FOSE Expo will include a special DNSSEC Pavilion with booths from the Initiative as well as other DNSSEC-related exhibitors.
Registration for FOSE is free for U.S. government employees, government contractors and U.S. military, and registration for the Expo is $50. Go here to register for FOSE. To exhibit in the DNSSEC Pavilion at FOSE, contact Don Berey, Show Director at 703-876-5073 or email [email protected].
As speakers are added to the program, this blog will post updates. Here is the program for the DNSSEC session:
What’s Next in DNSSEC: Securing the Domain Name System
Morning session:
10:00-10:15 What’s next in DNSSEC: Overview
Speaker:
Douglas Maughan, Ph.D., Program Manager, Cyber Security R&D, Science & Technology Directorate, U.S. Department of Homeland Security, and sponsor, DNSSEC Deployment Coordination Initiative
10:15-11:00 Advancing Federal DNSSEC Deployment: What to Look For in 2010
Speakers:
Deploying DNSSEC at the Root: Scott Rose, National Institute of Standards and Technology (Speaker TBA)
Getting DNSSEC into Trusted Internet Connections: U.S. Department of Homeland Security
[UPDATED] 11:00-11:15 Break
[UPDATED] 11:15-11:45 From Trust to Transparency: DNSSEC and Open Government
Speakers:
DNSSEC and Open Government: White House Office of Management and Budget (Speaker TBA)
Government-funded Open-Source DNSSEC Tools: Russ Mundy, Sparta
[UPDATED] 11:45-12:30 Beyond Federal Deployment: The Next Wave
Speakers:
Deploying DNSSEC Across a Public-Private Network – R. Kevin Oberman, Energy Sciences Network (ESnet, Ernest O. Lawrence Berkeley National Laboratory
[UPDATED] Deploying DNSSEC in .us — Keith Drazek, Director, Government and Industry Relations, Neustar
Deploying DNSSEC in Commercial and Education — Lauren Price, Senior Product Marketing Manager and Chair of the DNSSEC Industry Coalition, .org, the Public Interest Registry
[UPDATED] Deploying DNSSEC in the Educational and Commercial Sectors – Joe Waldron, Director of Product Management, VeriSign, Inc.
12:30-2pm Break for visiting exhibit floor
Afternoon session:
2:00-2:45 Why DNSSEC Applies to More Federal Systems in 2010
Speakers:
[UPDATED] FISMA Requirements and DNSSEC – Doug Montgomery and Kelley Dempsey, National Institute of Standards and Technology
Updated Requirements from NIST Apply to More Federal Systems – Scott Rose, National Institute of Standards and Technology
2:45-3:00 Break
[UPDATED] 3:00-4:15 Beyond the Mandate: Getting Lessons—and Value—From Deployment
An invited panel of vendors with experience assisting federal agencies with DNSSEC deployment will offer brief lessons learned and field audience questions on getting value from deployment. Moderated by Steve Crocker of Shinkuro and Scott Rose of the National Institute of Standards and Technology.
Speakers include:
Michael Young, Vice President, Product Development, Afilias
Chris Parker-James, Product Manager, BlueCat Networks
Derek McUmber, CEO, Data Mountain Solutions
Nathan Meyer, Product Manager, F5 Networks
Victor Danevitch, Infoblox
Norm Ritchie, Programmes Development Manager, Internet Systems Consortium
William Billings, U.S. Federal Chief Security Officer, Microsoft
Ameet Dhillon, Senior Director of Product Management, Nominum
Mark Beckett, Vice President, Marketing, Secure64
Patrick Naubert, Chief Technology Officer, Xelerance
Deployment watch: Chile to deploy DNSSEC in 2010
Posted by Denise Graveline in Uncategorized on January 12, 2010
Update your DNSSEC deployment maps: NIC Chile has indicated it will deploy DNSSEC in the .CL zone in 2010, the result of research since 2005 in partnership with NIC Labs, its research laboratory. An internal testbed is already working and deployment is set for midyear. NIC Chile will offer training, a public testbed and a forum for feedback from .CL users. You can find more information in Spanish at the .CL DNSSEC website, or the English version.
Deployment watch: .pt, .es.net, berkeley.edu,.de
Posted by Denise Graveline in Adoption, DNSSEC, News, Uncategorized on January 6, 2010
DNSSEC deployment got a running start in the new year, producing these updates on deployment progress around the world:
- Portugal’s .pt has been signed and in production beginning January 4.
- December saw deployment of DNSSEC in es.net, the Energy Sciences Network at the Lawrence Berkeley National Laboratory, which is a high-speed network serving thousands of U.S. Department of Energy scientists and collaborators worldwide.
- January 1 brought DNSSEC deployment in the University of California Berkeley’s berkeley.edu.
- DENIC has announced that Germany’s .de DNSSEC testbed is now running an NSEC3-enabled zone.
Help us stay up-to-date on your organization’s deployment news by submitting information about your DNSSEC deployment deadlines, test beds or other progress to info @ dnssec-deployment.org.
Newsletter turns into new DNSSEC blog:
Posted by Jeffrey Dewhurst in Uncategorized on January 4, 2010
DNSSEC THIS MONTH newsletter will re-launch as a blog beginning January 5, 2010. DNSSEC TODAY will continue to cover the progress of DNSSEC deployment, forthcoming meetings and workshops, and other resources to help you monitor news about DNSSEC deployment. The blog is part of a website redesign for the DNSSEC Deployment Coordination Initiative.
Deployment watch:
Posted by Jeffrey Dewhurst in Uncategorized on January 4, 2010
Netherlands, European Union, dot-US, root zone: Help us stay up-to-date on your organization’s deployment news by submitting information about your DNSSEC deployment deadlines, test beds or other progress to info @ dnssec-deployment.org.
SIDN to sign dot-NL in August:
Posted by Jeffrey Dewhurst in Uncategorized on January 4, 2010
SIDN, the registry for The Netherlands’ dot-NL and ENUM, announced it will implement DNSSEC one month after the root zone is signed in July, setting its implementation for August 2010. SIDN CEO Roelof Meijer said, “Waiting until the root is signed means that we won’t need to implement any interim solutions – which inevitably increase the risk of errors – and it will be possible to sign the whole chain at once. We believe that this is the best and safest way to implement DNSSEC for the dot-NL zone.”
DNSSEC implemented in dot-US:
Posted by Jeffrey Dewhurst in Uncategorized on January 4, 2010
Neustar announced it has implemented DNSSEC in the dot-US country-code top level domain. Rodney Joffe, senior vice president and senior technologist at Neustar, said, “DNSSEC means a more secure and reliable domain name system because its extensions provide origin authentication of DNS data, data integrity and authenticated denial of existence.”
Root zone deployment schedule issued:
Posted by Jeffrey Dewhurst in Uncategorized on January 4, 2010
The root zone DNSSEC deployment team has launched a web site with updates on the effort. It includes documentation and technical status updates on DNSSEC deployment at the root, and will offer announcements as the project moves forward. You can subscribe to future status updates via RSS. For more information, contact the root deployment team.
Initiative shares advice on signing zones:
Posted by Jeffrey Dewhurst in Uncategorized on January 4, 2010
The DNSSEC Deployment Coordination Initiative has published advice for registrars and other DNS operators with “a reasonable set of DNSSEC configuration parameters.” Titled “DNSSEC Operations: Setting the Parameters,” the suggests values to choose for the configuration parameters associated with DNSSEC that provide good security without causing an undue burden on operators’ name service infrastructures. The configuration parameters include key sizes and lifetimes, re-signing periods, and time-to-live for the records. Feedback on the memo is welcomed at [email protected].
-
You are currently browsing the archives for the Uncategorized category.
Sponsored By
Recent Comments