Date : 25 – 27 February 2009 |
Time : 9:00-17:30 |
Course Fee : |
Standard |
: 28,000 THB |
Early Bird |
: 18,000 THB (until 30th January 2009) |
THNIC members |
: 18,000 THB |
|
|
( Early-bird registration fees must be paid before
or on 30 January 2009 where as Standard registration
fees must be paid before or on 25 February 2009
by cheque or wire transfer payment. )
|
|
Venue : intERLab Training Center, AIT, Thailand |
|
Course Duration : 3 days |
Jointly organized by:
Supporting Organizations:
|
Objectives:
- To provide the participants with in depth technical information of DNSSEC.
- To assist ccTLD operators and key stakeholders in deploying DNSSEC for their national registries, registrars and organizations; and
- To build working relationships among individual, institutional and/or organization contacts that manages national registry, Internet infrastructure as well as governmental services.
|
Who should attend?
Anyone with an interest in the deployment of DNSSEC, especially ccTLDs operators, ISPs, Banks, Government Agencies, and the others who want to secure their Internet infrastructure and those contemplating whether or not to deploy DNSSEC in their organization. |
|
PART I: Security on DNS: It's Time
Date : 25 February 2009
Venue: Melton Bender Auditorium [map]
What it is?
To cope with the security risk over the DNS, the deployment of DNSSEC is going on around the Internet community by different key stakeholders. The organizations actively engaged in the deployment of DNSSEC as well as .th registry will share the information and experiences on DNSSEC and its deployment.
Why it's Important?
Registries, Registrars, ISPs, Banks, Government Agencies, and the others who want to secure their Internet infrastructure will benefit from the presentation and discussion of the deployment experiences.
Who should attend?
Anyone with an interest in the deployment of DNSSEC, especially representatives from technical, operational, and strategic planning roles of the registry, registrar, ISPs, banks and government agencies.
Drafted Agenda (Policy Part)
10:00 - 10:30 |
Registration |
10:30 - 10:45 |
Welcome and Introductions
by Prof. Kanchana Kanchanasut, THNIC Foundation |
10:45 - 12:00 |
What's DNSSEC?
by Olaf Kolkman, NLnetLabs
Patrick Wallstrom, .SE (Stiftelsen for Internetinfrastruktur)
* Demonstration of Attacks to the Kaminsky DNS Vulnerability
* What's DNSSEC?
* What's the different between DNS and DNSSEC?
* What are the objectives of DNSSEC?
* What are the advantages of DNSSEC? |
12:00 - 13:00 |
Lunch |
13:00 - 14:00 |
DNSSEC in the Field
by Olaf Kolkman, NLnetLabs
Patrick Wallstrom, .SE (Stiftelsen for Internetinfrastruktur)
* DNSSEC deployment experiences from .SE
* DNSSEC experiences
* DNS Softwares, Appliances, Recursive Resolvers, and Next Steps |
14:00 - 14:30 |
Zone Signing Status
* Root Zone Signing by Olaf M. Kolkman, NlnetLabs
* .th Zone Signing by Krit Witwiyaruj, .th registry |
14:30 - 16:00 |
How the DNSSEC impact our community
moderated by the Chair of UniNet security working group (TBC) |
|
|
PART II
Course Contents
Venue: intERLab Training Room [map]
This training covers the followings topics:
- DNS KEYs: risks and management
- Introduction of DNSSEC
- Securing zone transfer (TSIG)
- Securing a zone
- Delegation of signing authority
- Troubleshooting
- DNSSEC deployment
- DNSSEC Softwares and Tools
|
Prerequisite
Basic knowledge about UNIX System Administration, Basic DNS and Network Operation
|
Details Agenda
Day 1 : DNSSEC TECHNICAL WORKSHOP, 26th February 2009
Introduction to the Workshop |
09:00 - 10:30 |
DNS Security and Introduction to DNSSEC |
10:30 - 11:00 |
Tea break |
11:00 - 12:30 |
Labs Setup: Installing Software and Building a DNS tree/infrastructure |
12:30 - 13:30 |
Lunch |
13:30 - 15:00 |
DNSSEC Details Resource Records and other theory |
15:00 - 17:30 |
Securing the Labs infrastructure Hands on signing, serving, and troubleshooting
(with walk away for Coffee in between the session) |
Day 2 : DNSSEC TECHNICAL WORKSHOP, 27th February 2009 |
09:00 - 10:30 |
Introducing DNSSEC in a workflow
How to design your project, components to think about |
11:00 - 12:30 |
DNS KEYs: risks and management |
12:30 - 13:30 |
Lunch |
13:30 - 15:00 |
What needs doing for your domain?
Participants take a stab at a high level project plans |
15:00 - 15:30 |
Tea break |
15:30 - 17:00 |
Software and tools availability and development where to find more information and some hints and tips on writing software with Net::DNS and ldns |
17:00 - 17:30 |
Q&A + Certificates distribution |
|
|
Biography of instructor
Olaf M. Kolkman
Olaf Kolkman was born (1966) and raised in the Netherlands. He was trained as an astronomer but his interest in Internet technology took hold of his career path around 1996. In that year he moved to a commercial company and implemented a mail to web gateway and a build a customized firewall.
In 1997 he joined the RIPE NCC where he got involved in the test-traffic project and got exposed to Internet standard and policy development. After acting as operations manager for a while he became systems architect in 2000, responsible for DNSSEC deployment at the RIPE NCC. During that project he got more involved in the DNS community and more active in the IETF for instance as chair of the DNS extension's working group.
In 2005 he joined NLnet Labs, a foundation chartered to develop open source software and open standards for the Internet, as chief Executive.
Olaf Kolkman is an IAB member since March 2006 and acts as the IAB chair since March 2007.
Olaf is married to Leidi, has two kids and lives in Uithoorn NL
Patrick Wallstrom Patrik Wallström has been with .SE since 2002. He is the project manager for DNSSEC at .SE and has been working with DNSSEC deployment for six years. He is also the lead of the Tools & Applications working group at the DNSSEC Coalition. For more than a decade he has been actively involved in the Swedish free software and open source community. Mr Wallström has a background as a consultant within network security and software architecture.
|
|
Certificate of paticipation, training materials, lunch and refreshments will be provided.
Please note that the places are limited and the registration will be on a "first come - first served" basis.
If you have any further queries, please contact Ms. Wit Hmone at +66-2 524 6611 (for AIT internal user dial 6611 only) or email: training at interlab.ait.ac.th.
|
|