Donate
‹ Back
Deploy360 14 July 2015

IETF 93 Hackathon July 18-19: DNSSEC, DANE, DPRIVE and DNS Security

Dan York
By Dan YorkDirector, Online Content

IETF HackathonHow can we improve the tools and services that use DNSSEC or DANE?  How can we make DNS more secure and private? (And, why spend a beautiful weekend exploring Prague when we could be inside a hotel conference room working on code???) For a number of us, we’re going to be spending this coming weekend, July 18-19, looking to answer those questions through writing code and changing/updating software as part of the IETF 93 Hackathon.  More info is at:

https://www.ietf.org/hackathon/93-hackathon.html

As IETF Chair Jari Arkko wrote about on the IETF blog, these hackathons are a way to bring “running code” back into the IETF meetings – and also just a great way to advance the deployment and usage of IETF protocols.  They are also just a fantastic way to strengthen the relationships between members of the IETF community.

I’ll be there as one of the “champions” of DNSSEC / DANE / DPRIVE (DNS confidentiality/privacy) along with Allison Mankin, Benno Overeinder, Sara Dickinson and Daniel Kahn Gillmor.  A number of others from within the DNS community have also signed up to join in to the effort – and we’re hoping to attract some of the other participants as well.

On the wiki page listing the technologies, we wrote this for some of the ideas:

  • Contribute to access of end-systems to new developments in DNS
  • Protocols: DANE support for webmail, DNS-over-TLS (application uses), DNS-over-DTLS (stack and uses), TLSA client certs, client privacy election for EDNS client-subnet, getdns language bindings, etc.
  • Tools: portable tool for creating and adding DANE RR’s to zones, changes to existing tools to support new crypto algorithms, etc.
  • Measurement: New tools or sites for measuring DNSSEC or DANE deployment

We’ve had some other ideas, too… we’ll see what we come up with!  (And you’re welcome to send me your ideas for tools you’d like to see!)  I’m personally interested in expanding some of the metrics… and I’m also interested in anything that expands the usage or support of the ECDSA algorithm (I’m thinking more about … what interfaces could be extended to add ECDSA support?)

I’ll post a report back here on the site once the hackathon is over.  If you are going to be at the Hackathon at IETF 93, please do consider joining with us!

P.S. And if you want to get started with DNSSEC and DANE, please see our Start Here page!

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Rough Guide to IETF 99: DNS Privacy and Security, including DNSSEC
Rough Guide to IETF 99: DNS Privacy and Security, including DNSSEC
Domain Name System (DNS)11 July 2017

Rough Guide to IETF 99: DNS Privacy and Security, including DNSSEC

There's a good bit of DNS secrurity and privacy activity happening at IETF 99 next week in Prague, although not all of...

Rough Guide to IETF 102: DNSSEC, DNS Security and Privacy
Rough Guide to IETF 102: DNSSEC, DNS Security and Privacy
IETF13 July 2018

Rough Guide to IETF 102: DNSSEC, DNS Security and Privacy

DNS privacy will receive a large focus in the latter half of the IETF 102 week with attention in the...

Rough Guide to IETF 93: DNSSEC, DANE, DPRIVE and DNS Security
Rough Guide to IETF 93: DNSSEC, DANE, DPRIVE and DNS Security
Domain Name System Security Extensions (DNSSEC)15 July 2015

Rough Guide to IETF 93: DNSSEC, DANE, DPRIVE and DNS Security

Wow! There is a crazy amount of DNS activity happening at IETF 93 next week in Prague! Beyond the usual...

Join the conversation with Internet Society members around the world