Deploying Dnssec (Layerone 2009)

Description: This is the video of the talk titled "Deploying DNSSEC" given at LayerOne 2009 by Erik Berls. The slides can be downloaded here.



Talk Description: DNSSEC has been around for over 10 years (RFC 2535, March 1999) and setting it up still presents challenges. DNS is one of the last few widely unsecured core Internet protocols. DNSSEC presents with a chicken and egg problem for adoption, like many new changes before it. The investment in increasing the number of DNSSEC enabled domains must come before we can start actively verifying look-ups.



This is a blitz approach to setting up DNSSEC. We’ll skip past any long, boring documentation, and jump into what you’d need to get this up over your lunch break. This nuts and bolts presentation focuses on getting your server up, running, and configured in short order. However, attention will be made to running and maintaining this server in a production environment. Architecture recommendations and guidelines will be discussed.



Author Info: Erik currently resides on the outskirts of the greater San Francisco Bay Area, biding his time as a Gentleman Adventurer. He bounces between endeavors such as spontaneous travel, network security, running, software design, and cooking. He has run the gamut from 3 person start-ups to 10s of thousand person multinationals, doing computer and network security for financial sector, big oil, and telecom.









