NordVPN Promotion

Home / Blogs

DNSSEC Successes, Statistics and Innovation Streaming Live from ICANN 53 on 24 June 2015

Protect your privacy:  Get NordVPN  [ Deal: 73% off 2-year plans + 3 extra months ]
10 facts about NordVPN that aren't commonly known
  • Meshnet Feature for Personal Encrypted Networks: NordVPN offers a unique feature called Meshnet, which allows users to connect their devices directly and securely over the internet. This means you can create your own private, encrypted network for activities like gaming, file sharing, or remote access to your home devices from anywhere in the world.
  • RAM-Only Servers for Enhanced Security: Unlike many VPN providers, NordVPN uses RAM-only (diskless) servers. Since these servers run entirely on volatile memory, all data is wiped with every reboot. This ensures that no user data is stored long-term, significantly reducing the risk of data breaches and enhancing overall security.
  • Servers in a Former Military Bunker: Some of NordVPN's servers are housed in a former military bunker located deep underground. This unique location provides an extra layer of physical security against natural disasters and unauthorized access, ensuring that the servers are protected in all circumstances.
  • NordLynx Protocol with Double NAT Technology: NordVPN developed its own VPN protocol called NordLynx, built around the ultra-fast WireGuard protocol. What sets NordLynx apart is its implementation of a double Network Address Translation (NAT) system, which enhances user privacy without sacrificing speed. This innovative approach solves the potential privacy issues inherent in the standard WireGuard protocol.
  • Dark Web Monitor Feature: NordVPN includes a feature known as Dark Web Monitor. This tool actively scans dark web sites and forums for credentials associated with your email address. If it detects that your information has been compromised or appears in any data breaches, it promptly alerts you so you can take necessary actions to protect your accounts.

Where has DNSSEC been successful? What are some current statistics about DNSSEC deployment? What are examples of innovations that are happening with DNSSEC and DANE?

All of these questions will be discussed at the DNSSEC Workshop at ICANN 53 in Buenos Aires happening on Wednesday, June 24, 2015, from 09:00 – 15:15 Argentina time (UTC-3). You can watch and listen to the session live at:

https://buenosaires53.icann.org/en/schedule/wed-dnssec

All the slides that will be presented are currently available for download. The session will be recorded and the recording will be available from that same URL sometime after the meeting.

Here’s a quick look at the agenda for the day’s session:

1. Introduction and DNSSEC statistics – I will begin the day introducing the session and providing some of the latest statistics and information about DNSSEC deployment, both in terms of validation and signing.

2. DNSSEC Activities in the Latin American Region – We’ll have a series of speakers providing updates on DNSSEC deployment in the LAC region. Speakers include:

  • Luciano Minuchin, NIC.AR – NIC Argentina (also panel moderator)
  • Luis Diego Espinoza, Consultant, Costa Rica – DNSSEC Activities in LAC
  • Carlos Martinez, LACNIC – DNSSEC in the Reverse Tree at LACNIC
  • Gonzalo Romero, .CO – DNSSEC in the .CO: ccTLD Experiences and Challenges
  • Rubens Kuhl, .BR – .BR DNSSEC Update ICANN 53
  • Hugo Salgado, NIC.CL – DNSSEC in .CL: ICANN 53 Update

3. Update on DNSSEC KSK Root Key Rollover – Ed Lewis of ICANN will give an update on the work around planning the rollover of the root key of DNSSEC.

4. DNSSEC Automation – After a short break we’ll have a panel moderated by Russ Mundy about how to better improve the automation of DNSSEC activities. Panelists include:

  • Eberhard Lisse, .NA – DNSSEC with SmartcardHSM
  • Robert Martin-Legène, Packet Clearing House – Packet Clearing House (PCH) DNSSEC Signing Service
  • Joe Waldron, Verisign – Verisign DNSSEC Signing Service

After this session we’ll break for lunch as well as the “Great DNS Quiz”. The lunch is sponsored by:

  • Afilias
  • CIRA
  • Dyn
  • .SE
  • SIDN

5. Demonstrations and Presentations: DANE and Applications – After lunch, I’ll be moderating a panel where we’ll be demonstrating some of the innovative things people are doing with DNSSEC and the DANE protocol. Panelists include:

  • Jaap Akkerhuis, NLNetLabs – One Year of DANE (Some) Lessons Learned
  • Wes Hardaker – Opportunistic SMTP Security
  • Jacques Latour – DNS Operator Role in Domain Management
  • Glen Wiley, Eric Osterweil and Danny McPherson – DNSSEC/DANE: Tools to Encourage Adoption

6. Deploying New DNSSEC Algorithms – I’ll then provide the last major presentation discussing the different aspects of deploying new cryptographic algorithms for use in DNSSEC. A specific case for this is the ECDSA algorithm, but the topics I’ll cover will be applicable for all new algorithms.

7. DNSSEC - How Can I Help? – Finally, we’ll wrap up with Russ Mundy and myself talking about the steps people can take when they leave the workshop to help in accelerating the deployment of DNSSEC.

If you are interested in DNSSEC and DANE, these workshops are excellent ways to keep up-to-date with the latest changes and developments in the world of DNSSEC. I’d encourage any of you to join in and listen. (Questions can also be submitted by remote participants.)

P.S. If you would like to get started with DNSSEC or DANE, please visit the Internet Society Deploy360 “Start Here” page to find resources to begin!

By Dan York, Author and Speaker on Internet technologies - and Senior Advisor at Internet Society

Dan is a Senior Advisor at the Internet Society but opinions posted on CircleID are his own. View more of Dan’s writing and audio here.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

NordVPN Promotion