On October 27, the traditional TechDay took place at the ICANN84 General Meeting in Dublin, Ireland. Participants discussed technical aspects of domain name registries and shared the latest news.
Over the course of four sessions, participants discussed topics including email security, new DNS server management methods, the progress of DNSSEC deployment in top-level domains, and technical updates on both country-code and generic TLDs. A roundtable discussion on DNS abuse was also held.
A group of student researchers, led by Serban Orza of SIDN Labs, presented NTP Info, an application for measuring the accuracy of time transmitted via the Network Time Protocol (NTP). They demonstrated how network latency, geographical distance, packet loss, and even the IP protocol version can affect timing precision.
Peter Thomassen of deSEC reviewed the current status of automated DS record placement, shared adoption statistics, which was still relatively low, and presented best practices for its implementation.
Ulrich Wisser of ICANN outlined the work of the OCTO-TE DNS-LAB, a Technical Engagement initiative focused on DNS structure, operational characteristics, and performance measurements. He invited attendees to join the project.
Régis Massé of AFNIC gave the general principles of operation and configuration of email security mechanisms – SPF, DMARC, and DKIM – and shared statistics on their use in France’s .FR ccTLD.
Thomas Limoncelli introduced DNSControl, a tool for managing and editing DNS server configurations, demonstrating its compatibility with virtually all major DNS software.
Eberhard Lisse (.NA) shared technical updates from Namibia’s national domain, particularly describing the software stack and registry services that support the .NA infrastructure.
During the DNS Abuse roundtable discussion, organized by ccNSO DASC, experts explored how artificial intelligence could be used to identify and mitigate DNS abuse. It was attended by Philip Struyf (.EU registry), who described AI-based detection of suspicious domain names through automated analysis of registration data. Jack Vincent (.UK registry) presented Domain Watch, a rating system combining machine learning with traditional rule-based models. Kristen Peterson (.US registry) presented a multi-tiered proactive blocking system for malicious domains, one component of which uses machine learning algorithms.
Next, the seminar participants discussed DNSSEC implementation in country-code and gTLD zones. Naveed Bin Rais and Hafiz Farooq (UAE) demonstrated a data collection and analysis platform that aggregates DNSSEC resource records for more than 600 million domains, showing how it assists with deployment monitoring.
Maarten Aertsen (NLnet Labs) presented the OpenDNSSEC project, a DNSSEC key management and signing system developed over 15 years. He announced its planned conclusion, adding that it was to be replaced by a new product, Cascade, currently in its alpha version and scheduled for release in 2026. He described the process of collecting user feedback from both OpenDNSSEC and competing products, and how they have taken all their comments into account and built maximum flexibility and functionality into the new Cascade.
In conclusion, Nathan Alan of OXIL presented the risk assessment conducted to evaluate potential collisions between blockchain-based domain systems and the traditional Domain Name System (DNS). He introduced a comprehensive analytical framework developed for this purpose, detailed the assessment parameters, and shared the key findings of their research.
ICANN continues its work. Please, follow our updates.
