Deploy360 1 April 2013

DNSSEC Presentations Coming Up at ICANN46 in Beijing

By Dan YorkDirector, Internet Technology

ICANN 46 logoNext week at the ICANN 46 meetings in Beijing, China, there will be a series of DNSSEC-related workshops. I (Dan York) will be there at ICANN 46 and will be participating in these sessions. If you are able to attend in person, the events will be an excellent way to learn more about DNSSEC.

NOTE: Remote participation IS possible. See the links below to listen to the live streams.


The major DNSSEC-related meetings are on Monday, April 8, 2013, and Wednesday, April 10, 2013. They are:

DNSSEC for Everybody – A Beginner’s Guide

Monday, 8 April 2013 – 5pm-6:30pm, Auditorium – http://beijing46.icann.org/node/37065

This very basic introductory session is aimed to help attendees understand more about how DNSSEC can secure the Domain Name System and make the Internet more secure. As DNSSEC gets more widely deployed it is critical to understand how DNSSEC works. This session provides an interactive and fun way to learn how DNSSEC works, what tools are available to help and what best practices are currently being used.

DNSSEC Workshop

Wednesday, 10 April 2013, 8:30am-2:45pm, Rainbow – http://beijing46.icann.org/node/37125

This 6+ hour workshop brings together industry leaders on DNSSEC for a series of panel discussions about the state of the art in implementing DNSSEC, current best practices, government regulations and operational practices. Sessions also include talks about the latest and innovative uses of DNSSEC. Panels at ICANN 46 include:

  • Introduction and DNSSEC Deployment Around The World
  • DNSSEC: Regulative, Legislative and Persuasive Approaches to Encouraging Deployment
  • DNSSEC Deployment in Asia Pacific
  • Use of DNSSEC in the Reverse Name Space
  • The Operational Realities of DNSSEC
  • DNSSEC Innovation: DANE and Other DNSSEC Applications
  • Root Key Rollover

There will be case studies and reports on some of the latest tools. Of interest to many may be the talk from someone at CNNIC about China’s plans for deploying DNSSEC and signing .CN.  I’ll be moderating the panel on “DNSSEC Innovation” as well as providing a brief tutorial about the DANE protocol and how it helps.  Several of the other panelists will also be talking about DANE so it should be a good session.

I’ve attended several of these workshops now and have been very impressed by the quality of the sessions in terms of technical content.  If you’re at all interested in DNSSEC, I really can’t recommend the event strongly enough.  In full disclosure, I joined the Program Committee for this ICANN 46 workshop, so I’m a wee bit biased… but it also means I’ve seen many of the proposals as well as the completed slide decks – and I can say that there will be some excellent sessions there.


On Monday evening, there will also be an informal gathering of people involved with implementing DNSSEC to discuss and exchange information about DNSSEC implementations.  As noted in the email announcement, you need to RSVP by Thursday, April 4, as it is being held at a local restaurant and a count of attendees is needed.

In looking over the ICANN 46 schedule, another meeting I will probably attend is the “Joint DNS Security and Stability Analysis Working Group (DSSA)” on Thursday, April 11, 2013.  While it is not specifically about DNSSEC, it relates to “DNS security” in general and I would think it should be a rather interesting session given the recent DDoS attacks going on that are using DNS amplification.

If you are going to be at ICANN 46 and would like to meet with me to talk about DNSSEC, IPv6, routing resiliency or just Deploy360 in general, please feel free to drop me a note or find me in one of these sessions mentioned here.


You can also listen to an audio version of this post at:

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...