Speaker
Mr
Shumon Huque
(Verisign Labs)
Description
This talk will discuss upcoming and future steps envisioned to increase the adoption of DNSSEC and DANE (DNS-based Authentication of Named Entities) by Internet applications. It will start by providing an overview of the current state of adoption of DANE, and then discuss challenges faced by some application communities and some applications for which DANE doesn't yet provide a solution. Among the topics covered will be a proposed new TLS extension to allow servers to deliver a DANE record and the associated DNSSEC chain to clients, a mechanism to allow the use of TLSA records for client authentication, and others.
Summary
This talk will discuss upcoming and future steps envisioned to increase the adoption of DNSSEC and DANE (DNS-based Authentication of Named Entities) by Internet applications. It will start by providing an overview of the current state of adoption of DANE, and then discuss challenges faced by some application communities and some applications for which DANE doesn't yet provide a solution. Among the topics covered will be a proposed new TLS extension to allow servers to deliver a DANE record and the associated DNSSEC chain to clients, a mechanism to allow the use of TLSA records for client authentication, and others.
| Please also consider this submission for the NANOG65 DNS track | Yes |
|---|
Primary author
Mr
Shumon Huque
(Verisign Labs)
