DANE and Application Uses of DNSSEC
Time 10/29/14 02:15PM-03:00PM
This session will give an overview of application uses of DNSSEC, available software tools, and application programmer interfaces. With the increasing deployment of DNSSEC, new, exciting users are emerging that leverage the DNS to store and verify cryptographic keying material (like public keys, certificates, fingerprints, etc). The DANE (DNS based authentication of named entities) protocol and new DNS records like TLSA are the principal enabler of these uses. This session will give an overview of DANE in the context of DNSSEC, use cases that it enables today and in the future, and available software tools. It will also talk about a new open DNS API called "getdns" that allows application programmers to more easily use DNS and DNSSEC enchanced responses without having to be DNS protocol experts. The Research & Education community has long been a pioneer in deploying new technologies, including DNSSEC. Technologies like DANE are the next step in the evolution of DNSSEC, and we expect that DANE and new software APIs will be adopted and experimented with in this community.
Speaker Shumon Huque VeriSign, Inc.
Primary track Security
Secondary tracks Trust and Identity