On Monday, ICANN83 hosted the usual Tech Day session, moderated by Eberhard Lisse (Namibian Network Information Center), where participants discussed the latest technological achievements and DNS infrastructure development, and shared the results of their research.
Nai-Wen Hsu (.TW ccTLD registry) spoke about the implementation of DS record update automation while using DNSSEC and the challenges encountered in the process. He shared very modest statistics on the use of DNSSEC in .TW and the experience of automating DS resource record updates. He also spoke about the difficulties faced during its implementation, and why the registry does not yet support DNSKEY records. In conclusion, he shared plans for the development of a DNSSEC automation system.
Jaromir Talir (CZ.NIC) shared the Czech registry’s achievements, also discussing the Knot DNS, MojeID and European Digital Identity Wallet projects. The EU Digital Identity Wallet is intended to provide a secure storage for a range of EU citizens’ digital documents. The project is being promoted by the European Commission at the legislative level and is to be widely implemented across the European Union by the end of 2026.
Ulrich Wisser (ICANN Org) spoke about potential errors in various emergencies related to the lifetimes of SOA and RRSIG records. RFC 6781 recommends that the lifetime of an SOA record should be approximately one-third or one-quarter of the digital signature’s validity period. However, according to a study that canvassed various zones, cited by Ulrich Wisser, this recommendation is rarely followed. The situation looks better in ccTLDs and significantly worse in gTLDs, and can potentially lead to DNSSEC-related errors.
Gavin Brown (ICANN) demonstrated a new tool for integrating RDAP and EPP requests through a single platform. The tool is part of Registry System Testing (RST) v2.0 and is available on the official ICANN website.
Tamás Csillag (PCH) spoke about DNSSEC Multi signer setup, a model that allows multiple independent DNS operators to sign a single domain simultaneously, citing the example of .PG.
Nathan Alan (DNS Research Federation) presented the preliminary results of a study that considers the use of blockchain for addressing - potential challenges and risks, the system’s integration into browsers, its compatibility with the classic DNS, and other aspects.
Dušan Stojičević (Gransy) spoke about the capabilities of a Regtons Registry & Anycast solution offering back-end registry operator functionality.
The forum keeps going - follow our updates.
