Font size:
Decrease - Increase +
Page background:
Ordinary White Black Blue
Letter spacing:
Ordinary Average Big
Images:
On Off
Disable visually impaired version close
Version for visually impaired people
News

ICANN83 hosts workshop on DNSSEC security and implementation

11 june

ICANN83 hosted a workshop on DNSSEC security and implementation. The participants discussed development trends in the sphere of DNSSEC technologies, shared relevant research and practical cases of implementing DNS protection technologies.
The workshop once again opened with a traditional report by Eric Osterweil (Verisign), who presented updated statistics on the deployment of DNSSEC, DANE, and RPKI technologies across various domain zones, both country-code and generic. His report featured an interactive map illustrating DNSSEC implementation levels, alongside growth trends in global support for DNSSEC, DANE, and RPKI.

Chaoyi Lu (Tsinghua University) introduced a new initiative: the SSAC DNSSEC Operational Considerations Work Party, aimed to explore the practical aspects of DNSSEC deployment, identify obstacles, and analyze factors that influence its adoption.

Ondřej Surý (Internet Systems Consortium) spoke about the potential of applying post-quantum cryptographic algorithms within DNSSEC. He compared several such algorithms and outlined the anticipated challenges of implementing them in practice. His colleague, Petr Špaček, followed with an update on the development of a new RFC standard concerning the proposed DELEG resource record. This record is designed to store metadata about delegated domain spaces, such as supported protocols (UDP, TCP, TLS, QUIC) and specific name server capabilities.

Next, the seminar participants got down to discussing developments around two ongoing challenges in the DNSSEC protocol specification: DS Automation update and refining the Multi-Signer key management procedure. Steve Crocker provided a historical overview of DNSSEC’s development, highlighting foundational issues relevant to these topics. After him, Juha Suhonen (Center for Science, Finland) shared practical insights on transitioning to the ECDSA algorithm for zone signing. Shumon Huque (Salesforce) elaborated on the use of multiple DNSSEC key algorithms within multi-signature setups.

The session concluded with Felipe Barbosa (InternetNZ) sharing his case of re-architecting a multisig environment, and Johan Stenstam (Swedish Internet Foundation) addressing the complexities of managing DNS in multi-provider scenarios.

ICANN83 continues. Keep following our updates.

Previous News Next news

Read also in the section "News"

11 june US government expresses concern over further expansion of the domain name space 11 june ICANN Board of Directors adopts policy for reviewing decisions on retirement of ccTLDs 11 june Smart Holidays event showcases Coordination Center’s comic for Teens 10 june Applications open for Summer School on Internet Governance 10 june ICANN83 kicks off in Prague 10 june Regular Tech Day workshop held at ICANN83
Contact us
+7 495 730-29-71 Call Ask a question
About the center What we do
Management structure
Contact information
Services WHOIS
WHOIS+
Domain selection
Trademark check
Domain security
Expiring domains
Media center News
Publications
Events
Domains .RU domain names
.РФ domain names
Domain name registrars
Official documents
Help Domains and trademarks
Information security
Internet literacy