Time 02/08/06 01:00PM-05:00PM
The DNSSEC workshop will result in learning how to build and operate BIND DNSSEC on your UNIX operating system laptop. It starts with of an introduction to the theory of DNSSEC, before the longer hands-on interactive part. The theoretic part of the workshop covers the overview of the vulnerabilities of DNS, an introduction to the mechanisms to protect zone transfers and dynamic updates (TSIG) and an introduction to the DNSSEC protocol. In addition we will share some experiences gained during deployment at the RIPE NCC, what infrastructure changes are needed, what are the changes in provisioning and which practical problems did we run into. In the hands-on part of the workshop we will introduce the tools and techniques to sign, serve and troubleshoot tools. Depending on the available time we might divert into writing scripts based on Net::DNS or the installation and operation of a key/signing server.