Conveners
Public Workshop: DNSSEC
- Duane Wessels (Verisign)
Mr
Ondrej Sury
(CZ.NIC)
15/10/2016, 16:00
Public Workshop
Standard Presentation
CZ.NIC is preparing to switch the DNSSEC Signing Algorithm for .CZ TLD from RSA/SHA-512 to ECDSAP256SHA256. In this presentation I will focus on the reasoning, the preparation, the plan and operational obstacles with changing the DNSSEC Algorithm to Elliptic Curves for the TLD (for the first time ever - if nobody beats us till Dallas).
Paul Hoffman
(ICANN)
15/10/2016, 16:30
Public Workshop
Standard Presentation
Validating resolvers need a way to get the DNSSEC root trust anchors. Today, most use one of the tools built into the popular resolvers, such as unbound-anchor. Some systems want to get and validate the trust anchors independently of any existing resolver software.
We have created a system that only requires Python 2.7 or 3.x with no additional modules, plus any recent OpenSSL command line...
Mr
Matt Larson
(ICANN)
15/10/2016, 16:45
Public Workshop
Standard Presentation
IANA/ICANN/PTI has prepared a plan to change the Root Zone DNSSEC KSK. This talk will present highlights of the plan to explain what will be happening, why this is important to follow, and what the audience needs to do as a result.
One of the IANA Functions that ICANN performs is the management of the Key Signing Key (KSK) for the Root Zone’s DNS Security Extensions (DNSSEC). Knowing what...
