The DNS security protocol, DNSSEC, has been under development for more than a decade and is now emerging from the design and standards (IETF) process. The focus is now on deployment. Multiple groups are now engaged in putting DNSSEC into use. Zones at all levels, from the root down through enterprises, need to be signed, and end systems and resolvers need to evolve to make use of these signatures.

This talk will cover the deployment steps, status, and issues.

About the Presenters
Rob Austein is a software engineer at the Internet Systems Consortium. Prior to his incarceration at ISC, he also served time at InterNetShare, Inc., Integrated Systems, Inc., Epilogue Technology Corporation, and MIT's Laboratory for Computer Science. After spending a number of years working on everything from mainframes to deeply embedded systems, Rob has at one time or another worked at almost every layer of the protocol stack, but feels most at home somewhere around layer 3. He is, however, probably best known for having wandered aimlessly into the early specification and deployment of the DNS, and, as a result, has spent entirely too much of the intervening time at layer 9. At present, Rob spends 50 weeks out of every year trying to figure out how (and why) the Internet works; the other two weeks of each year are usually devoted to gravitational research in the Tetons.

Dr. Steve Crocker is CEO and co-founder of Shinkuro, Inc., a startup company conducting Internet research and building tools for cooperation and collaboration across the Internet. He is on the board of the Internet Society and chair of ICANN's Security and Stability Advisory Committee.

Steve has been involved in the Internet since its inception. In the late 1960's and early 1970's, he was part of the team that developed the protocols for the ARPANET and laid the foundation for today's Internet. He organized the Network Working Group, the forerunner of the modern Internet Engineering Task Force, initiated the Request for Comment (RFC) series, and laid the foundation for the open architectural structure of the Internet Protocols. For this work, Steve was awarded the 2002 IEEE Internet Award. He remained active in the Internet standards work through the IETF and IAB and served as the first security area director on the Internet Engineering Steering Group from 1989 to 1994. Steve earned his B.A. in math and Ph.D. in computer science at UCLA, and he studied artificial intelligence at MIT.

Russ Mundy is a Principal Networking Scientist at SPARTA, Inc., with over 25 years of experience in network security, high-assurance computing systems, and protocol development. In his current position with SPARTA he heads the Network Security Group, whose current and past projects include a DHS-funded project whose goal is facilitating DNSSEC deployment, reference implementations of the DNSSEC and SNMPv3 protocols, and the reference implementation of HAIPE (High Assurance Internet Protocol Encryptor) network management. HAIPE is a government program to provide high assurance, end-to-end encryption at the IP protocol layer. Russ currently serves as a member of the ICANN Committee on Security and Stability for the Internet.

Suresh Krishnaswamy is a Research Scientist at SPARTA, Inc., and has a background in information security. He holds a Masters degree in Computer Science from the University of Kansas and a Bachelor of Engineering degree from the University of Mumbai, India. He has been working on DNSSEC deployment related issues for almost a year and has spent significant time looking at the operational issues involved in deploying DNSSEC within some environments. Before joining SPARTA, he was a Research Scientist at Network Associates Laboratories (now McAfee Labs), where he participated in the DARPA-funded Active Networks Fault Response project for about two years, contributing to the design and development of various prototype fault-tolerant features in active networks.