Donate
‹ Back
Deploy360 22 April 2015

At RSA Conference Apr 23: Can DNSSEC and DANE Add a Layer Of Trust to TLS and DNS?

Dan York
By Dan YorkDirector, Content and Web Strategy

RSA Conference LogoCan DNSSEC and DANE add a layer of trust to TLS and DNS? That will be the question up for discussion tomorrow, April 23, 2015, at the RSA Conference in San Francisco. As part of the “Peer2Peer” small discussion sessions, Wes Hardaker from Parsons will be facilitating a session from 9:10-10:00am (PDT) with the description:

If we agree that the existing Certificate Authority (CA) system for TLS is broken, how do we fix it? Can the DANE protocol (RFC 6698) and DNSSEC provide a solid mechanism to add a layer of trust to network connections that use TLS? What do we need to do to use DANE and to get DANE more widely deployed? Join other peers in this discussion about how the DANE protocol works, how it is currently being implemented, (particularly in email and XMPP systems) and how DANE might be used in different scenarios. Bring your ideas and criticisms, and be prepared for a lively discussion.

If you are there at the RSA Conference in San Francisco and interested in DNSSEC, DANE and/or how we secure TLS, I would encourage you to stop by and engage in the discussion.   It is not a session being live streamed or anything like that and so you need to be at the actual conference to participate.

I wish I could be there myself… but I’m on the other side of the continent and so I’ll just have to learn from Wes how it went.

P.S. If you want to get started yourself with deploying DNSSEC and DANE, please visit our Start Here page.

‹ Back

Related articles

DANE Interim Meeting on Dec 2 Focused on Email and S/MIME
Deploy36011 December 2014

DANE Interim Meeting on Dec 2 Focused on Email and S/MIME

For those of you interested in tracking the evolution of the DANE protocol to add a DNSSEC-secured layer of trust...

Rough Guide to IETF 90: DNSSEC, DANE and DNS Security
Rough Guide to IETF 90: DNSSEC, DANE and DNS Security
Domain Name System (DNS)16 July 2014

Rough Guide to IETF 90: DNSSEC, DANE and DNS Security

Tuesday at IETF 90 seems to be "DNS Day" with two of the major DNS-related working groups, DNSOP and DANE,...

Testing DANE For Sending Secure Email at the Go6lab
Deploy36028 May 2015

Testing DANE For Sending Secure Email at the Go6lab

After successful DNSSEC signing of go6.si, go6lab.si, zorz.si and other domains in Go6lab we decided that it was time to...

Join the conversation with Internet Society members around the world