<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
line-height:115%;
font-size:11.0pt;
font-family:"Arial",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Call for Participation -- ICANN DNSSEC and Security Workshop at ICANN66, Montreal, Canada<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">The ICANN Security and Stability Advisory Committee (SSAC) and the Internet Society Deploy360 Programme are planning a DNSSEC and Security Workshop during the ICANN66 meeting held
from 02-07 November 2019 in Montreal, Canada. The original DNSSEC Workshop has been a part of ICANN meetings for many years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. The
program committee added a new focus on security to the workshop to address various emerging security related issues such as DoT/DoH impacts and potential abuses, impacts of RPKI deployments, BGP hijacking and other Internet related routing issues.
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">For reference, the most recent session was held at the ICANN Policy Forum in Marrakech, Morocco on 24 June 2019. The presentations and transcripts are available at:
</span><span lang="EN"><a href="https://65.schedule.icann.org/meetings/1058207"><span style="font-family:"Calibri",sans-serif;color:#1155CC">https://65.schedule.icann.org/meetings/1058207</span></a></span><span lang="EN" style="font-family:"Calibri",sans-serif">
and</span><span lang="EN"><a href="https://65.schedule.icann.org/meetings/1058208"><span style="font-family:"Calibri",sans-serif;color:windowtext;text-decoration:none">
</span></a><a href="https://65.schedule.icann.org/meetings/1058208"><span style="font-family:"Calibri",sans-serif;color:#1155CC">https://65.schedule.icann.org/meetings/1058208</span></a></span><span lang="EN" style="font-family:"Calibri",sans-serif">.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"> <o:p>
</o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">The DNSSEC and Security Workshop Program Committee is developing a 3-hour program. Proposals are sought for the following topic areas:
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">1. Global DNSSEC Activities Panel<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">For this panel, we are seeking participation from those who have been involved in DNSSEC deployment as well as from those who have not deployed DNSSEC but who have a keen interest
in the challenges and benefits of deployment, including Root Key Signing Key (KSK) Rollover activities and plans.
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">2. DNSSEC Best Practice<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Now that DNSSEC has become an operational norm for many registries, registrars, and ISPs, what have we learned about how we manage DNSSEC? Do you still submit/accept DS records with
Digest Type 1? What is the best practice around key roll-overs? What about Algorithm roll-overs? Do you use and support DNSKEY Algorithms 13-16? How often do you review your disaster recovery procedures? Is there operational familiarity within your customer
support teams? What operational statistics have we gathered about DNSSEC? Are there experiences being documented in the form of best practices, or something similar, for transfer of signed zones? Activities and issues related to DNSSEC in the DNS Root Zone
are also desired.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">3. DNSSEC Deployment Challenges<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">The program committee is seeking input from those that are interested in implementation of DNSSEC but have general or particular concerns with DNSSEC. In particular, we are seeking
input from individuals that would be willing to participate in a panel that would discuss questions of the following nature:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- Are there any policies directly or indirectly impeding your DNSSEC deployment? (RRR model, CDS/CDNSKEY automation)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- What are your most significant concerns with DNSSEC, e.g., complexity, training, implementation, operation or something else?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- What do you expect DNSSEC to do for you and what doesn't it do?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- What do you see as the most important trade-offs with respect to doing or not doing DNSSEC?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">4. Security Panel
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">New to the workshop, the program committee is looking for presentations on DNS and Routing topics that could impact the security and/or stability of the internet. .<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- DoH and DoT implementation issues, challenges and opportunities<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- RPKI adoption and implementation issues, challenges and opportunities<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- BGP/routing/hijack issues, challenges and opportunities<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- MANRS implementation challenges and opportunities<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- Emerging threats that could impact (real or perceived) the security and/or stability of the internet<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- Domain hacking/hijacking prevention, best practice and techniques<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- Browser related security implementations
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- DMARC Challenges, opportunities and Best Practices<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">- BGP Flowspec challenges, opportunities and Best Practices<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">In addition, we welcome suggestions for additional topics, either for inclusion in the ICANN66 workshop, or for consideration for future workshops.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to
</span><span lang="EN"><a href="mailto:dnssec-montreal@isoc.org"><span style="font-family:"Calibri",sans-serif;color:#1155CC">dnssec-montreal@isoc.org</span></a></span><span lang="EN" style="font-family:"Calibri",sans-serif">
<b><span style="color:red">by **Friday, 27 September 2019**<o:p></o:p></span></b></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Thank you,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Andrew and Kathy<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">On behalf of the DNSSEC and Security Workshop Program Committee:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Mark Elkins, DNS/ZACR<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Jacques Latour, .CA<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Russ Mundy, Parsons<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Ondrej Filip, CZ.NIC<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Yoshiro Yoneya, JPRS<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Fred Baker, ISC<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif">Dan York, Internet Society<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN"><o:p> </o:p></span></p>
</div>
</body>
</html>