Winter 2006 ESCC/Internet2 Joint Techs Workshop

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

DNS Risks and DNSSEC

Time 02/08/06 11:00AM-11:25AM

Session Abstract

Recent surveys, such as one by Consumer Reports, have found that end-users are decreasing their trust in the Internet and reducing their use of services such as Internet banking. Users still act as though name lookups result in their packets going to the end host they have chosen (in other words, that the DNS is secure), but as tools against phishing gain traction, there are more attacks where the name is correct, but the lookup itself, the security of the DNS resolution, is compromised. The addition of the DNS security extensions (DNSSEC for short) to the DNS allows enabled systems to detect cases of compromised DNS systems. This talk discusses DNS risks today, some technical aspects of DNSSEC, including its performance in a critical infrastructure deployment at RIPE NCC, and some issues for broad adoption of DNSSEC. We expect to raise for discussion (or hallway talk) some points specific to the R&E environment, e.g. strong administrative skills, distinctive goals and end-users, and sometimes informal arrangements of DNS operations such as secondaries.

Speakers

Speaker Allison Mankin Shinkuro

Speaker Olaf Kolkman NLNet Labs

Presentation Media

media item thumbnail DNS Risks, DNSSEC (pdf)

Speaker Olaf Kolkman NLNet Labs

Speaker Allison Mankin Shinkuro