<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Calibri Light";
panose-1:2 15 3 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
span.EmailStyle18
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">Hello NANOG!<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">This is the CfP for our next DNSSEC & Security workshop @ ICANN72.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">Jacques<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">Call for Participation -- ICANN DNSSEC and Security Workshop for ICANN72 Virtual Annual General Meeting<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">In cooperation with the ICANN Security and Stability Advisory Committee (SSAC), we are planning a DNSSEC and Security Workshop for the ICANN72 Annual General Meeting being
held virtually from 23-28 October 2021 in the Pacific Daylight Time Zone (UTC -7). This workshop date will be determined once ICANN creates a block schedule for us to follow; then we will be able to request a day and time. The DNSSEC and Security Workshop has
been a part of ICANN meetings for several years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. For reference, the most recent session was held at the ICANN71 Virtual Meeting
on 14 June 2021. The presentations and transcripts are available at </span><a href="https://71.schedule.icann.org/meetings/3q22SHqif9XF5nFqG"><span style="font-family:"Calibri Light",sans-serif">https://71.schedule.icann.org/meetings/3q22SHqif9XF5nFqG</span></a><span style="font-family:"Calibri Light",sans-serif;color:black">
and <a href="https://71.schedule.icann.org/meetings/vv7XkuePvghwFaLgt">https://71.schedule.icann.org/meetings/vv7XkuePvghwFaLgt</a><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">The DNSSEC Workshop Program Committee is developing a program. Proposals will be considered for the following topic areas and included if space permits. In addition, we
welcome suggestions for additional topics either for inclusion in the ICANN72 workshop, or for consideration for future workshops.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span style="font-family:"Calibri Light",sans-serif;color:black">1. </span><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">Global DNSSEC Activities Panel</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">For this panel, we are seeking participation from those who have been involved in DNSSEC deployment as well as from those who have not
deployed DNSSEC but who have a keen interest in the challenges and benefits of deployment, including Root Key Signing Key (KSK) Rollover activities and plans.</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">2. DNSSEC Best Practice</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">Now that DNSSEC has become an operational norm for many registries, registrars, and ISPs, what have we learned about how we manage DNSSEC?
Do you still submit/accept DS records with Digest Type 1? What is the best practice around key roll-overs? What about Algorithm roll-overs? Do you use and support DNSKEY Algorithms 13-16? How often do you review your disaster recovery procedures? Is there
operational familiarity within your customer support teams? What operational statistics have we gathered about DNSSEC? Are there experiences being documented in the form of best practices, or something similar, for transfer of signed zones? Activities and
issues related to DNSSEC in the DNS Root Zone are also desired.</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">3. DNSSEC Deployment Challenges</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">The program committee is seeking input from those that are interested in implementation of DNSSEC but have general or particular concerns
with DNSSEC. In particular, we are seeking input from individuals that would be willing to participate in a panel that would discuss questions of the following nature:</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- Are there any policies directly or indirectly impeding your DNSSEC deployment? (RRR model, CDS/CDNSKEY automation)</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- What are your most significant concerns with DNSSEC, e.g., complexity, training, implementation, operation or something else?</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- What do you expect DNSSEC to do for you and what doesn't it do?</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- What do you see as the most important trade-offs with respect to doing or not doing DNSSEC?</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">4. Security Panel</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">The program committee is looking for presentations on DNS and Routing topics that could impact the security and/or stability of the internet.
.</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- DoH and DoT implementation issues, challenges and opportunities</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- RPKI adoption and implementation issues, challenges and opportunities</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- BGP/routing/hijack issues, challenges and opportunities</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- MANRS implementation challenges and opportunities</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- Emerging threats that could impact (real or perceived) the security and/or stability of the internet</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- Domain hacking/hijacking prevention, best practice and techniques</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- Browser related security implementations</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- DMARC Challenges, opportunities and Best Practices</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:12.65pt"><span lang="EN" style="font-family:"Calibri Light",sans-serif;color:black">- BGP Flowspec challenges, opportunities and Best Practices</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to
</span><u><span style="font-family:"Calibri Light",sans-serif;color:#0563C1">dnssec-security-workshop@icann.org</span></u><span style="font-family:"Calibri Light",sans-serif;color:black"> </span><span style="font-family:"Calibri Light",sans-serif;color:red">by
Friday, 10 September 2021</span><span style="font-family:"Calibri Light",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">Thank you,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">Kathy and Andrew<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">On behalf of the DNSSEC Workshop Program Committee:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="FR-CA" style="font-family:"Calibri Light",sans-serif;color:black">Mark Elkins, DNS/ZACR<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="FR-CA" style="font-family:"Calibri Light",sans-serif;color:black">Jacques Latour, .CA<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">Russ Mundy, Parsons<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">Ondrej Filip, CZ.NIC<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">Yoshiro Yoneya, JPRS<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">Fred Baker, ISC<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black">Dan York, Internet Society<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri Light",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>