A great amount of activity, it turns out!
So much that my “Rough Guide to IETF 91: DNSSEC, DANE and DNS Security” turned into quite a lengthy article. Please read that article for the full description, but a quick summary can be:
- DNSOP will have discussions around “Negative Trust Anchors”, “DNS Cookies” and more.
- DANE will discuss using DANE for email, and specifically S/MIME, as well as SRV records and a discussion led by me about what we can learn from current deployments of DANE.
- A brand new DPRIVE working group will be exploring challenges around privacy and confidentiality of DNS queries.
- TRANS will look at applying Certificate Transparency (CT) mechanism to DNSSEC keys.
- EPPEXT will discuss how to move a draft forward about secure transfer of DNSSEC-signed domains between registrars.
- HOMENET and DNSSD will both be looking at different aspects of using DNS with small networks or “Internet of Things” (IoT) environments – and the question of course is how this usage gets secured.
… and again you’ll want to read the full article to understand more. The key point is that it will be busy for those of us interested in DNS-related issues! If you are going to be out at IETF 91, please do contact us or find me there. Odds are pretty good you’ll find me in either the DNS or IPv6 sessions!
And if you want to get started today with DNSSEC, please visit our Start Here page to learn how!