Skip to main content
Resources

DNS SSR Agenda

Day One

8:30 Registration

9:00 Welcome message (Sarmi/Rigoni/Crain)

9:15 Introduction of SSR topics

10:00 Breakout sessions, in parallel:

Session A: How should DNSSEC and DNS filtering be integrated?
Questions to consider include:

  • Is DNS filtering via reputation (blacklists, whitelists, etc.) a necessary function?
  • If yes, how it should be integrated with DNSSEC usage?

(Proposed session chair: Paul Mockapetris)

Session B: What are the next steps and open issues to advancing the deployment of DNSSEC globally? Questions to consider include:

  • What are the remaining barriers to DNSSEC introduction?
  • What are the unintended consequences of signed, malicious registrations?
  • How are legal seizures affected when domains listed in a court order are signed?
  • What can and should we be doing to facilitate the use of DNSSSEC for the purpose of advancing a safer and more secure Internet?

(Proposed session chair: Rod Rasmussen)

11:15 Coffee break

11:45-13:00 Continue Sessions A & B

13:00 Lunch

14:00 -16:30 Breakout sessions, in parallel:

Session C: What is next in the evolution of the DNS and Internet name spaces? Questions to consider include:

  • What new applications, if any, can the DNS enabled? A new PKI is a commonly discussed candidate, but are there others?
  • Is the Internet name space all it is and can ever be?
  • What can we learn from X.509 and existing PKI systems to guide future DNSSEC development?

(Proposed session chair: Roy Arend)

Session D: Data, measures and metrics: next steps and open issues. DNS statistics or trace data are useful information but what is needed to accelerate the process of defining metrics for DNS Health and Security? Questions to consider include:

  • What methods are available for data analysis?
  • What can we see?
  • What are we (should we be) looking for?
  • Are there data protection and anonymization issues?
  • Aggregating data and cumulative views swarm effects?
  • What challenges do (new) application and/or (new) behaviors pose?

(Proposed session chair: Peter Koch)

16:30 Coffee break

17:30- 18:30 Lightning Talks: Topic Setting for Day 2

Participants get 5 minutes to present a topic he or she would like to have discussed on Day 2. Topics will be selected using a Doodle poll conducted overnight.

(Proposed moderator: Dave Piscitello)

18:30 Closing remarks, social events or dinner


Day Two

8:30 Coffee

9:00 Topics for the day announced

9:15-10:45 Breakout sessions, in parallel.

Sessions E and F identified from lightning talks

10:45 Coffee Break

11: 00-1200 Continue sessions E and F

12:00-1300 Summary reports from session moderators (10 mins each)

13:00 Closing remarks

13:30 Adjourn


Note: The DNS Security, Stability, and Resiliency Symposium is an invitation only event. The DNS EASY and DNS SSR program committee is responsible for selecting participants. If you would like to be considered as a participant, please provide credentials for consideration to [email protected]

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."