<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:-webkit-standard;
panose-1:2 11 6 4 2 2 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"> The DNSSEC Deployment Initiative and the Internet Society Deploy360 Programme, in cooperation with the ICANN Security and Stability Advisory Committee (SSAC), are planning a DNSSEC and Security
Workshop for the ICANN69 Virtual Annual General Meeting being held from 17-22 October 2020. This workshop date will be determined once ICANN creates a block schedule for us to follow; then we will be able to request a day and time. The DNSSEC and Security
Workshop has been a part of ICANN meetings for several years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. For reference, the most recent session was held at the ICANN68 Virtual
Meeting on 22 June 2020. The presentations and transcripts are available at: </span>
<a href="https://tinyurl.com/yaajt228"><span style="font-size:11.0pt">https://tinyurl.com/yaajt228</span></a><span style="font-size:11.0pt;color:black">.</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">The DNSSEC Workshop Program Committee is developing a program. Proposals will be considered for the following topic areas and included if space permits. In addition, we welcome suggestions for
additional topics either for inclusion in the ICANN69 workshop, or for consideration for future workshops.</span><span style="font-family:"Times New Roman",serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span style="font-size:11.0pt;color:black">1. </span><span lang="EN" style="font-size:11.0pt;color:black">Global DNSSEC Activities Panel</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">For this panel, we are seeking participation from those who have been involved in DNSSEC deployment as well as from those who have not deployed DNSSEC but
who have a keen interest in the challenges and benefits of deployment, including Root Key Signing Key (KSK) Rollover activities and plans.</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">2. DNSSEC Best Practice</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">Now that DNSSEC has become an operational norm for many registries, registrars, and ISPs, what have we learned about how we manage DNSSEC? Do you still submit/accept
DS records with Digest Type 1? What is the best practice around key roll-overs? What about Algorithm roll-overs? Do you use and support DNSKEY Algorithms 13-16? How often do you review your disaster recovery procedures? Is there operational familiarity within
your customer support teams? What operational statistics have we gathered about DNSSEC? Are there experiences being documented in the form of best practices, or something similar, for transfer of signed zones? Activities and issues related to DNSSEC in the
DNS Root Zone are also desired.<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">3. DNSSEC Deployment Challenges</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">The program committee is seeking input from those that are interested in implementation of DNSSEC but have general or particular concerns with DNSSEC. In
particular, we are seeking input from individuals that would be willing to participate in a panel that would discuss questions of the following nature:</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- Are there any policies directly or indirectly impeding your DNSSEC deployment? (RRR model, CDS/CDNSKEY automation)</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- What are your most significant concerns with DNSSEC, e.g., complexity, training, implementation, operation or something else?</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- What do you expect DNSSEC to do for you and what doesn't it do?</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- What do you see as the most important trade-offs with respect to doing or not doing DNSSEC?<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">4. Security Panel</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">The program committee is looking for presentations on DNS and Routing topics that could impact the security and/or stability of the internet. .</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- DoH and DoT implementation issues, challenges and opportunities</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- RPKI adoption and implementation issues, challenges and opportunities</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- BGP/routing/hijack issues, challenges and opportunities</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- MANRS implementation challenges and opportunities</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- Emerging threats that could impact (real or perceived) the security and/or stability of the internet</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- Domain hacking/hijacking prevention, best practice and techniques</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- Browser related security implementations</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- DMARC Challenges, opportunities and Best Practices</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-size:11.0pt;color:black">- BGP Flowspec challenges, opportunities and Best Practices</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to </span><a href="mailto:dnssec-hamburg@isoc.org" target="_blank" title="mailto:dnssec-hamburg@isoc.org"><span style="font-family:"-webkit-standard",serif">dnssec-hamburg@isoc.org</span></a>
<b><span style="font-size:11.0pt;color:red">by 27 August 2020.</span></b><o:p></o:p></p>
<p class="MsoNormal"><span style="color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">Thank you,</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">Kathy and Andrew</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">On behalf of the DNSSEC Workshop Program Committee:</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal">Mark Elkins, DNS/ZACR<o:p></o:p></p>
<p class="MsoNormal">Jacques Latour, .CA<o:p></o:p></p>
<p class="MsoNormal">Russ Mundy, Parsons<o:p></o:p></p>
<p class="MsoNormal">Ondrej Filip, CZ.NIC<o:p></o:p></p>
<p class="MsoNormal">Yoshiro Yoneya, JPRS<o:p></o:p></p>
<p class="MsoNormal">Fred Baker, ISC<o:p></o:p></p>
<p class="MsoNormal">Dan York, Internet Society<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>