[lacnog] Fwd: Call for Participation -- ICANN DNSSEC and Security Workshop for ICANN73 Community Forum

Nicolas Antoniello nantoniello en gmail.com
Mie Ene 12 13:10:32 -03 2022 

En caso que alguien desee presentar algo...

---------- Forwarded message ---------



*Call for Participation -- ICANN DNSSEC and Security Workshop for ICANN73
Community Forum*



In cooperation with the ICANN Security and Stability Advisory Committee
(SSAC), we are planning a DNSSEC and Security Workshop for the ICANN73
Community Forum being held virtually from 05-10 March 2022 in the Atlantic
Standard  Time Zone (UTC -4). This workshop date will be determined once
ICANN creates a block schedule for us to follow; then we will be able to
request a day and time. The DNSSEC and Security Workshop has been a part of
ICANN meetings for several years and has provided a forum for both
experienced and new people to meet, present and discuss current and future
DNSSEC deployments.  For reference, the most recent session was held at the
ICANN72 Annual General Meeting on Wednesday 27 October 2021. The
presentations and transcripts are available at
https://72.schedule.icann.org/meetings/M24SJN375N2rcupnS,
https://72.schedule.icann.org/meetings/NQMcvSwdLbpdGPaz6, and
https://72.schedule.icann.org/meetings/9g4P3ceRA8FGS34Ei.



The DNSSEC Workshop Program Committee is developing a program.  Proposals
will be considered for the following topic areas and included if space
permits.  In addition, we welcome suggestions for additional topics either
for inclusion in the ICANN72 workshop, or for consideration for future
workshops.



*1.  **Global DNSSEC Activities Panel*

For this panel, we are seeking participation from those who have been
involved in DNSSEC deployment as well as from those who have not deployed
DNSSEC but who have a keen interest in the challenges and benefits of
deployment, including Root Key Signing Key (KSK) Rollover activities and
plans.



*2.  DNSSEC Best Practice*

Now that DNSSEC has become an operational norm for many registries,
registrars, and ISPs, what have we learned about how we manage DNSSEC?



   - Do you still submit/accept DS records with Digest Type 1?
   - What is the best practice around key roll-overs?
   - What about Algorithm roll-overs?
   - Do you use and support DNSKEY Algorithms 13-16?
   - How often do you review your disaster recovery procedures?
   - Is there operational familiarity within your customer support teams?
   - What operational statistics have we gathered about DNSSEC?
   - Are there experiences being documented in the form of best practices,
   or something similar, for transfer of signed zones?



Activities and issues related to DNSSEC in the DNS Root Zone are also
desired.



*3. DNSSEC Deployment Challenges*

The program committee is seeking input from those that are interested in
implementation of DNSSEC but have general or particular concerns with
DNSSEC.  In particular, we are seeking input from individuals that would be
willing to participate in a panel that would discuss questions of the
following nature:



   - Are there any policies directly or indirectly impeding your DNSSEC
   deployment? (RRR model, CDS/CDNSKEY automation)
   - What are your most significant concerns with DNSSEC, e.g., complexity,
   training, implementation, operation or something else?
   - What do you expect DNSSEC to do for you and what doesn't it do?
   - What do you see as the most important trade-offs with respect to doing
   or not doing DNSSEC?



*4. Security Panel*

The program committee is looking for presentations on DNS, DNSSEC and
Routing topics that could impact the security and/or stability of the
internet.



We are looking for presentations that cover implementation issues,
challenges, opportunities and best practices for:



   - Emerging threats that could impact the security and/or stability of
   the internet
   - DoH and DoT
   - RPKI (Resource Public Key Infrastructure)
   - BGP routing & secure implementations
   - MANRS ( Mutually Agreed Norms for Routing Security)
   - Browser security – DNS, DNSSEC, DoH
   - EMAIL & DNS related security – DMARC, DKIM, TLSA, etc…



If you are interested in participating, please send a brief (1-2 sentence)
description of your proposed presentation to
dnssec-security-workshop en icann.org *by COB Friday, January 21 2022*



Thank you,



Kathy and Andrew

On behalf of the DNSSEC Workshop Program Committee:

Steve Crocker, Shinkuro

Mark Elkins, DNS/ZACR

Jacques Latour, .CA

Russ Mundy, Parsons

Ondrej Filip, CZ.NIC

Yoshiro Yoneya, JPRS

Fred Baker, ISC

Dan York, Internet Society
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/lacnog/attachments/20220112/f2ebeb30/attachment-0001.htm>

Más información sobre la lista de distribución LACNOG