T3
Paul Vixie

Securing the DNS – Principles and practices
for the modern domain naming era For almost eight years now, various working groups of the IETF have written and rewritten their plans for DNSSEC. This year the implementors are storming that ivory tower and we’re going to find out whether deployment momentum can slow the pace of protocol development at all. By the end of 2003 it should be possible to finally have some confidence in the resource records we receive over the wire. In this full day tutorial, Paul Vixie (perennial holder of CERT’s uncoveted “most advisories by asingle author” record) will explain:
- why this technology took so long to argue about
- why it’s so complicated
- what it can do for “you”
- how you can participate in the great game we call “securing the DNS”
Instructor:
Paul Vixie has been contributing to Internet protocols and UNIX systems as a protocol designer and software architect since 1980. Early in his career, he developed and introduced sends, proxynet, rtty, cron and other lesser-known tools. Today, Paul is considered the primary modern author and technical architect of BINDv8 the Berkeley Internet Name Domain Version 8, the open source referenceimplementation of the Domain Name System (DNS). He formed the Internet Software Consortium (ISC) in 1994, and now acts as Chairman of its Board of Directors. The ISC reflects Paul’s commitment to developing and maintaining production quality open source reference implementations of core Internet protocols. More recently, Paul cofounded MAPS LLC (Mail Abuse Prevention System), a California nonprofit company with the goal of hosting the RBL (Realtime Blackhole List) and stopping the Internet’s
email system from being abused by spammers. Vixie is currently the Chief Technology Officer of Metromedia Fiber Network Inc (MFNX.O). Along with Frederick Avolio, he co-wrote “Sendmail: Theory and Practice” (Digital Press, 1995). He has authored or co-authored several RFCs, including a Best Current Practice document on
“Classless IN-ADDR.ARPA Delegation” (BCP 20). He is also responsible for overseeing the operation of F.root-servers.net, one of the thirteen Internet root domain name servers.
Who should attend:
Name server administrators, zone editors, and network owners who want to understand and be part of the conversion of DNS into DNSSEC. Attendees should be familiar with DNS master file format, DNS recursive query logic, and ideally BIND8 or BIND9 operations.