Archive for category Uncategorized

RIPE NCC–which has been signing its own zones since 2005–this week released updated global maps showing the progress of DNSSEC deployment.  The report noted: “When the root zone has been signed in June 2010, this acted as a catalyst for TLD operators to deploy DNSSEC on their side. We have seen a gradual but significant increase in signed TLDs since then.”

The RIPE map of country code top-level domain DNSSEC deployment in Europe–one of several in the post–is shown below.  Green indicates ccTLDs that have deployed to date; yellow indicates those with plans to deploy.

Slides are now available for most of the presentations from the FOSE 2011 day-long session, The deployment diaries: DNSSEC in U.S. federal systems and beyond. Featuring a wide range of speakers from U.S. federal agencies and private-sector companies and nonprofits, the session looked at the progress toward U.S. government deployment of DNSSEC in the .gov domain, as well as deployment lessons from domains including .com, .net, .us, .uk and more. Presentations also included insights on validation, updates on DNSSEC and FISMA, advice on what to ask vendors and features of DNSSEC hardware and software solutions.

A special workshop, “The deployment diaries: DNSSEC in U.S. Federal Systems and Beyond” will be featured at the FOSE conference and exposition on Wednesday, July 20, 2011. Several senior White House and federal officials are among the speakers who will address the workshop, including:

• W. Douglas Maughan, Cyber Security Division Director, Science and Technology Directorate, U.S. Department of Homeland Security
• Andy Ozment, Director for Federal Information Security Policy, White House National Security Council
• Doug Montgomer, National Institute of Standards and Technology
• Lee Ellis, General Services Administration
• Earl Crane, Department of Homeland Security
• Sean Donelon, Department of Homeland Security
• Scott Rose, National Institute of Standards and Technology

Joining the federal officials will be executives from companies, registrars and nonprofit providers of DNSSEC services and products, to discuss hands-on experiences with deployment, next steps such as validation, and available resources for federal IT managers working to meet OMB and FISMA requirements for including DNSSEC as an important part of cybersecurity protections.

In 2011, more than half of U.S. federal agencies have not yet deployed the domain name system security extensions (DNSSEC) mandated by OMB and FISMA. In the meantime, private-sector and international deployment continues in other domains around the world. This session will assess progress, identify lessons learned and offer new solutions and models for successful deployment, with an emphasis on solutions.

Participants will learn:

• Where their agencies stand compared to the rest of the .gov domain
• How DNSSEC fits into current cybersecurity priorities for the U.S. government
• Successful deployment models in the public and private sectors, from other domains, ISPs, registrars and more
• New apps, APIs, tools and products to help with federal deployment

The workshop includes break refreshments and requires an additional $35 fee over regular FOSE registration. You can register here.

Federal IT managers can learn what questions they should ask vendors of DNSSEC hardware and software solutions, at a special workshop at the FOSE conference and expo on July 20.

National Institute of Standards and Technology computer scientist Scott Rose will share a list of questions just prior to the lunch break during workshop, after which participants are encouraged to visit the DNSSEC pavilion on the Expo floor to see demonstrations and learn more about available solutions.

Executives from Secure64, Microsoft, Afilias, Infoblox, F5 Network, Nominum and Internet Systems Corporation will take part in the final panel of the workshop, allowing IT managers to hear from and question them about DNSSEC deployment solutions that they offer.

The workshop requires an additional $35 registration fee in addition to regular FOSE registration. It takes place from 10 AM to 4 PM on Wednesday, July 20. Attendees also will be able to hear from senior White House and federal agency officials, as well as executives from agencies, registrars and companies implementing DNSSEC.

Federal information security managers will have the chance to hear hands-on experiences and lessons learned in deploying the domain name system security extensions—from public and private-sector executives–at a special FOSE workshop on July 20.

A special workshop, “The deployment diaries: DNSSEC in U.S. Federal Systems and Beyond” will be featured at the FOSE conference and exposition on Wednesday, July 20, 2011.

Speaking on Where does DNSSEC stand in .gov? A Status Update will be these federal officials:

•Lee Ellis, General Services Administration
•Earl Crane, Department of Homeland Security
•Sean Donelon, Department of Homeland Security
•Scott Rose, National Institute of Standards and Technology

Speaking on Private Sector Deployment in .com, .net, .org and beyond will be:

•Rodney Joffe, Neustar
•Matt Larson, VeriSign
•Simon McCalla, Nominet
•Lance Wolak, Public Interest Registry

Other workshop speakers will include representatives from the White House, and from companies such as Comcast, Verisign, Secure64, Microsoft, Afilias, Infoblox, F5 Network, Nominum and Internet Systems Corporation. The FOSE expo will include a special DNSSEC pavilion where participants can see and learn about DNSSEC hardware and software solutions.

Two senior federal officials will kick off a special July 20 workshop on DNSSEC deployment by providing a view of how securing the DNS fits into federal cyber security requirements.

W. Douglas Maughan, Cyber Security Division Director, Science and Technology Directorate, U.S. Department of Homeland Security, and White House National Security Director for Federal Information Security Policy Andy Ozment will open the session with an overview of DHS efforts to support cooperative global efforts to secure the DNS, as well as those across the US federal agency system.

In 2011, more than half of U.S. federal agencies have not yet deployed the domain name system security extensions (DNSSEC) mandated by OMB and FISMA. In the meantime, private-sector and international deployment continues in other domains around the world. The session will assess progress, identify lessons learned and offer new solutions and models for successful deployment, with an emphasis on solutions.

Participants will learn:

-Where their agencies stand compared to the rest of the .gov domains

-How DNSSEC fits into current cybersecurity priorities for the U.S. government

-Successful deployment models in the public and private sectors, from other domains, ISPs, registrars and more

-New apps, APIs, tools and products to help with federal deployment

Speakers will include representatives from such federal agencies as GSA, NIST and DHS, and from companies such as Comcast, Verisign, Secure64, Microsoft, Afilias, Infoblox, F5 Network, Nominum and Internet Systems Corporation. The FOSE expo will include a special DNSSEC pavilion where participants can see and learn about DNSSEC hardware and software solutions.

The workshop requires an additional $35 registration fee in addition to regular FOSE registration. It takes place from 10 AM to 4 PM on Wednesday, July 20.

Initiative partner Steve Crocker has been named chair of the board of directors of ICANN, the Internet Corporation for Assigned Names and Numbers.  Crocker was part of the team that developed the protocols for the Arpanet and laid the foundation for today’s Internet. In the video below, he discusses the ICANN agenda with CEO Rod Beckstrom:

DNSSEC is now “enabled by default in the current canary and dev channels of Chrome and is on schedule to go stable with Chrome 14,” reports the Imperial Violet blog, which also includes instructions on set up and information for site operators.

ICANN 41 is underway in Singapore, and two sessions will highlight DNSSEC basics and deployment progress at the meeting this week:

• Today, “DNSSEC for Everybody” invited all particpants–no technical experience necessary–for a beginners’ session on deployment. Speakers from ISC, Nominet and VeriSign explained DNSSEC basic and core concepts and share real-world examples and a sample deployment.
• Wednesday, the DNSSEC Workshop will look at worldwide deployment, challenges for registrars, domain name transfers, and deployment outcomes. Reports from deployment efforts in Australia, Germany, Japan, Malaysia, New Zealand, Singapore and  Thailand. Links for remote participation are included for this session, with audio, chat room and scribe feed options for low bandwidth and audiocast and virtual meeting rommoptions for high bandwidth.

Links to presentations are included at each workshop link, above.

The DNSSEC Deployment Coordination Initiative will sponsor a day-long workshop at the FOSE Conference and Expo for federal, state and local government information technology professionals on Wednesday, July 20.

“The deployment diaries: DNSSEC in U.S. federal systems and beyond” will assess progress, identify lessons learned and offer new solutions and models for successful deployment, with an emphasis on solutions. Participants will learn:

• Where their agencies stand compared to the rest of the .gov domain
• How DNSSEC fits into current cybersecurity priorities for the U.S. government
• Successful deployment models in the public and private sectors, from other domains, ISPs, registrars and more
• New apps, APIs, tools and products to help with federal deployment

Speakers include executives from federal agencies, including GSA, NIST, and Homeland Security; nonprofits such as the Internet Systems Consortium and the Public Interest Registry, .org; and companies including Afilias, Comcast, F5 Networks, Infoblox, Microsoft, Neustar, Nominet, Nominum, Secure64, Sparta, VeriSign, and more.

An extra $35 fee is required for workshop registration. Break refreshments will be provided, and attendees will learn what to ask vendors about DNSSEC deployment solutions, as well as lesson learned directly from federal and private-sector deployment. DNSSEC suppliers will be featured at the FOSE Expo. Go here to register for FOSE at a 20 percent discount. Be sure to add the DNSSEC workshop as an “add-on” to your registration.