Deploy360 16 June 2015

DNSSEC And DANE Activities At ICANN53 In Buenos Aires On 22-24 June

By Dan YorkDirector, Internet Technology

ICANN 53 LogoNext week we’ll be in Buenos Aires, Argentina, for the 53rd meeting of the Internet Corporation for Assigned Names and Numbers (ICANN) and as per usual there will be a great amount of DNS security activity happening.  Some great introductions to DNSSEC and DANE – and some outstanding technical talks (and demos!) on Wednesday. Here are the three main activities – remote participation is available for two of them.  Do note that all times are Argentina Time (ART) which is UTC-3.

DNSSEC For Everybody: A Beginner’s Guide

On Monday, 22 June 2015, we’ll have the regular “DNSSEC For Everybody: A Beginner’s Guide” session from 17:00-18:30 ART where we’ll do our “skit” dramatizing DNS and DNSSEC.  If you have been seeking to understand WHY this all matters, do join in to see!  You can watch it remotely (or watch the archive later) at:

And yes, I’ll be talking about blue smoke as I usually do… and I’ll be in the skit because, why not? 🙂

DNSSEC Implementers Gathering

After the DNSSEC For Everybody session on Monday, many of us who have been involved with deploying DNSSEC or DANE will travel to a nearby Irish pub (yes, in Argentina!) for the “DNSSEC Implementers Gathering” for food, drink and conversation from 19:30-21:30 ART.  Many thanks to CIRA, NIC.AR and SIDN for sponsoring this event.  If you will be at ICANN 53 and would like to join, please RSVP to Julie Hedlund by the end of the day on Thursday, 18 June.

DNSSEC Workshop

As usual, the main event will be the DNSSEC Workshop on Wednesday, 24 June 2015, from 9:00 to 15:15 ART. NOTE THE LATER START TIME! Previously the workshops started at 8:30am but this time our start is 9:00.

Remote participation information, slides, the agenda and more info can be found at:

The sessions will be recorded if you would like to listen to them later.  Slides will be posted as the date gets closer.

The current agenda includes:

0900-0915 – DNSSEC Workshop Introduction, Program, Deployment Around the World – Counts, Counts, Counts

  • Dan York, Internet Society
0915-1030 – Panel Discussion: DNSSEC Activities in the Latin American Region

  • Moderator/Presenter: Luciano Munichin, NIC.AR
  • Panelists:
    • Luis Diego Espinoza, Consultant, Costa Rica
    • Carlos Martinez, LACNIC
    • Gonzalo Romero, .CO
    • Frederico Neves, .BR
    • Hugo Salgado, NIC.CL
1030-1100 – Presentation: Update on DNSSEC KSK Root Key Rollover

  • Ed Lewis, ICANN
1100-1115 – Break
1115-1215 – Panel Discussion: DNSSEC Automation

  • Moderator: Russ Mundy, Parsons
  • Panelists:
    • Eberhard Lisse, .NA – Proof of Concept on Smart Card HSM to Automate Key Signing
    • Robert Martin-Legène, Packet Clearing House — PCH DNSSEC Signing Service
    • Joe Waldron, Verisign – Verisign DNSSEC Signing Service
1215-1230 – Great DNS/DNSSEC Quiz

  • Paul Wouters, Fedora
1230-1330 – Lunch Break
1330-1445 – Demonstrations and Presentations: DANE and Applications

  • Moderator: Dan York, Internet Society
  • Panelists:
    • Jaap Akkerhuis, NLNetLabs – One Year of DANE (Some) Lessons Learned
    • Wes Hardaker — Presentation on Opportunistic SMTP Encryption
    • Jacques Latour, CIRA — DNS Operator Role in Domain Management
    • Danny McPherson, Verisign Labs — DNSSEC/DANE: Tools to Encourage Adoption
1445-1500 – Presentation: Deploying New DNSSEC Algorithms

  • Dan York, Internet Society
1500-1515 – Presentation: DNSSEC – How Can I Help?

  • Russ Mundy, Parsons and Dan York, Internet Society

The whole ICANN 53 should be a great event and I’m very much looking forward to it!  Beyond our work with DNSSEC, DANE and DNS security, there will also be a great amount of public policy work happening as well.

If you will be there at ICANN 53 please do say hello – you can find me in these sessions… or drop me a note at [email protected] and we can arrange a time to connect.

And … if you want to get started with DNSSEC and DANE, please visit our Start Here page to find resources that can help!

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...