<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p class="MsoNormal"><span style="font-size:14.0pt;color:black">The
DNSSEC Deployment Initiative and the Internet Society Deploy360
Programme, in cooperation with the ICANN Security and Stability
Advisory Committee (SSAC), are planning a DNSSEC Workshop during
the ICANN64 meeting held from 09-14 March 2019 in Kobe, Japan.
The DNSSEC Workshop has been a part of ICANN meetings for
several years and has provided a forum for both</span><span
style="font-size:14.0pt;color:black"> experienced and new people
to meet, present and discuss current and future DNSSEC
deployments. For reference, the most recent session was held at
the ICANN Annual General Meeting in Barcelona, Spain, on 24
October 2018. The presentations and transcripts are available
at: </span><span class="MsoHyperlink"><span
style="font-size:14.0pt"><a
href="https://63.schedule.icann.org/meetings/901549">https://63.schedule.icann.org/meetings/901549</a></span></span><span
style="font-size:14.0pt;color:black">, and </span><span
class="MsoHyperlink"><span style="font-size:14.0pt"><a
href="https://63.schedule.icann.org/meetings/901554">https://63.schedule.icann.org/meetings/901554</a></span></span><span
style="font-size:14.0pt;color:black">, and </span><span
class="MsoHyperlink"><span style="font-size:14.0pt"><a
href="https://63.schedule.icann.org/meetings/901555">https://63.schedule.icann.org/meetings/901555</a></span></span><span
style="font-size:14.0pt">.</span>
</p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">At ICANN64 we are
particularly interested in live demonstrations of uses of
DNSSEC, DS automation or DANE. Examples might include:</span></p>
<ul>
<li><span style="font-size:14.0pt;color:black">DNSSEC automation
and deployment using CDS, CDNSKEY, and CSYNC</span></li>
<li><span style="font-size:14.0pt;color:black">DNSSEC/DANE
validation in browsers and in applications</span></li>
<li><span style="font-size:14.0pt;color:black">Secure email /
email encryption using DNSSEC, OPENPGPKEY, or S/MIME</span></li>
<li><span style="font-size:14.0pt;color:black">DNSSEC signing
solutions and innovation (monitoring, managing, validation)</span><span
style="font-size:14.0pt;color:black"><br>
</span></li>
<li><span style="font-size:14.0pt;color:black">Tools for
automating the generation of DNSSEC/DANE records</span>
</li>
<li><span style="font-size:14.0pt;color:black">Extending
DNSSEC/DANE with authentication, SSH, XMPP, SMTP, S/MIME or
PGP/GPG and other protocols</span></li>
</ul>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">Our interest is to provide
current examples of the state of development and to show
real-world examples of how DNSSEC and DANE related innovation
can be used to increase the overall security of the Internet.</span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">We are open to
presentations and demonstrations related to any topic associated
with DNSSEC and DANE. Examples of the types of topics we are
seeking include:</span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black"> </span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">1. DNSSEC Panel (Regional
and Global)</span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">For this panel, we are
seeking participation from those who have been involved in
DNSSEC deployment in the region and also from those who have not
deployed DNSSEC but who have a keen interest in the challenges
and benefits of deployment. In particular, we will consider the
following questions: Are you interested in reporting on DNSSEC
validation of your ISPs? What can DNSSEC do for you? What
doesn't it do? What are the internal tradeoffs to implementing
DNSSEC? What did you learn in your deployment of DNSSEC? We are
interested in presentations from both people involved with the
signing of domains and people involved with the deployment of
DNSSEC-validating DNS resolvers.</span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black"> </span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">2. DS Automation</span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">We are looking at
innovative ways to automate the parent child synchronization CDS
/ CDNSKEY and methods to bootstrap new or existing domains. We
are also interested in development or plans related to CSYNC,
which are aimed at keeping the glue up to date.</span><span
style="font-size:14.0pt;color:black"><br>
We would like to hear from DNS Operators what their current
thoughts on CDS/CDNSKEY automation are.</span>
</p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black"> </span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">3. DNSSEC/DANE Support in
the browsers </span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">We would be interested in
hearing from browser develop what their plans are in terms of
supporting DNSSEC/DANE validation.</span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black"> </span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">4. DANE Automation</span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">For DNSSEC to reach massive
deployment levels it is clear that a higher level of automation
is required than is currently available. There also is strong
interest for DANE usage within web transactions as well as for
securing email and Voice-over-IP (VoIP). We are seeking
presentations on topics such as:</span></p>
<ul>
<li><span style="font-size:14.0pt;color:black">How can the
industry use DANE and other DNSSEC applications as a mechanism
for creating a more secure Internet?</span></li>
<li><span style="font-size:14.0pt;color:black">What tools, systems
and services are available to help automate DNSSEC key
management?</span></li>
<li><span style="font-size:14.0pt;color:black">Can you provide an
analysis of current tools/services and identify gaps?</span></li>
<li><span style="font-size:14.0pt;color:black">What are some of
the new and innovative uses of DANE and other DNSSEC
applications in new areas or industries?</span></li>
<li><span style="font-size:14.0pt;color:black">What tools and
services are now available that can support DANE usage?</span></li>
</ul>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">We would be particularly
interested in any live demonstrations of DNSSEC / DANE
application automation and services. Demonstrations of new tools
that make the setup of DNSSEC or DANE more automated would also
be welcome.</span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">If you are interested in
participating, please send a brief (1-2 sentence) description of
your proposed presentation to </span><span class="MsoHyperlink"><span
style="font-size:14.0pt;color:#954F72"><a
href="mailto:dnssec-kobe@isoc.org"><span
style="color:#954F72">dnssec-kobe@isoc.org</span></a></span></span><span
style="font-size:14.0pt;color:black"> before ** <b>07 February
2019</b> **</span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">We hope that you can join
us.</span><span style="font-size:14.0pt;color:black"><br>
Thank you,<br>
Kathy Schnitt </span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black">On behalf of the DNSSEC
Workshop Program Committee:</span></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:14.0pt;color:black" lang="FR-CA">Jean Robert
Hountomey, AfricaCERT</span><span
style="font-size:14.0pt;color:black"></span><span
style="font-size:14.0pt;color:black" lang="FR-CA"><br>
Jacques Latour, .CA</span><span
style="font-size:14.0pt;color:black"></span><span
style="font-size:14.0pt;color:black"><br>
Russ Mundy, Parsons</span><span
style="font-size:14.0pt;color:black"><br>
Ondřej Filip, CZ.NIC<br>
Yoshiro Yoneya, JPRS</span><span
style="font-size:14.0pt;color:black"><br>
Dan York, Internet Society<br>
Mark Elkins, DNS/ZACR</span></p>
<pre class="moz-signature" cols="72">--
Mark James ELKINS - Posix Systems - (South) Africa
<a class="moz-txt-link-abbreviated" href="mailto:mje@posix.co.za">mje@posix.co.za</a> Tel: +27.128070590 Cell: +27.826010496
For fast, reliable, low cost Internet in ZA: <a class="moz-txt-link-freetext" href="https://ftth.posix.co.za">https://ftth.posix.co.za</a>
</pre>
</body>
</html>