DNSSEC Testbed for Germany
In June 2009, DENIC launched a joint testbed for the Domain Name Security Extensions (DNSSEC) together with the Federal Agency for Security in Information Technology (BSI) (now: Federal Office for Information Security) and the Association of the German Internet Economy eco e.V. (now: eco - Association of the Internet Industry) in order to evaluate the potential effects of DNSSEC if introduced for .de domains. The purpose of DNSSEC is to close security holes in the Internet, such as cache poisoning, DNS redirection and DNS spoofing. Testbed participants had the opportunity to gain technical and operational experience in a test environment and to find out the impacts DNSSEC was going to have on security and reliability on the Internet. The project goal was to rule out operational risks of DNSSEC at an early stage and to find out about user acceptance. The testbed infrastructure was maintained until July 2011, when it was finally shut down.
DNSSEC Testbed Meetings
5th DNSSEC Testbed Meeting on 8 February 2011
Final Meeting Will Take Stock
The fifths and last DNSSEC testbed meeting was held on 8 February 2011. With this meeting, the DNSSEC testbed initiated by the Federal Agency for Security in Information Technology (BSI), the Association of the German Internet Economy (eco) and DENIC was concluded.
The testbed offered the opportunity to collect operational and technical experience, to assess risks and to find out about user acceptance. The previous meetings informed in detail about these aspects and discussed and solved many pending questions. At the final meeting, the initiators gave a concise summary and DENIC presented its plans for implementing DNSSEC in the praxis. As starting date for DNSSEC the 31 May 2011 was announced.
DNSSEC Testbed Final Report
Presentations
- Testbed: DNSSEC for DE - Final Report (in German)
- Peter Koch / Marcos Sanz Grossón, DENIC eG
- DNSSEC Testbed: Conclusion (in German)
- Dr. Lothar Eßer, BSI
- Registrar Atlas 2011
- Thomas Rickert, eco
4th DNSSEC Testbed Meeting on 24 November 2010
Agenda
- DNSSEC@DENIC: Current Status in the Testbed
Peter Koch / Marcos Sanz Grossón, DENIC eG - Experience Report of a Testbed Participant
Andreas Schulze, DATEV eG - DNSSEC in the Global Context: Current Status
Thorsten Dietrich, BSI - Validation of DNSSEC under MS Windows
Carsten Strotmann, Men & Mice - Tools & Emerging Services all around DNSSEC:
- Nominum DNSSEC Packs – Ralf Weber, Nominum Inc.
- GSLB / Global Service Loadbalancing – Ralf Brünig, F5 Networks GmbH
- Nixu NameSurfer Suite – Jürgen Joswig & Toni Lampela, Nixu Ltd.
- Exanames – Kariem Hussein & Wolfgang Nagele, Exabit GmbH
- OpenDNSSEC – Carsten Strotmann, Men & Mice
- The Infoblox DNSSEC Solution – Dominic Stahl, Infoblox Inc.
Presentations
- DNSSEC@DENIC: Current Status in the DNSSEC Testbed
- Peter Koch / Marcos Sanz Grossón, DENIC eG
- DNSSEC in the Global Context: Current Status
- Thorsten Dietrich, BSI
- Validation of DNSSEC under MS Windows
- Carsten Strotmann, Men & Mice
- Nominum DNSSEC Packs
- Ralf Weber, Nominum Inc.
- GSLB / Global Service Loadbalancing
- Ralf Brünig, F5 Networks GmbH
- Nixu NameSurfer Suite
- Jürgen Joswig / Toni Lampela, Nixu Ltd.
- Exanames
- Kariem Hussein / Wolfgang Nagele, Exabit GmbH
- OpenDNSSEC
- Carsten Strotman, Men & Mice
- The Infoblox DNSSEC Solution
- Dominic Stahl, Infoblox Inc.
Live Videos of the Event
- DNSSEC@DENIC: Current Status in the Testbed
- Peter Koch / Marcos Sanz Grossón, DENIC eG
- Experience Report of a Testbed Participant
- Andreas Schulze, DATEV eG
- DNSSEC in the Global Context: Current Status
- Thorsten Dietrich, BSI
- Validation of DNSSEC under MS Windows
- Carsten Strotmann, Men & Mice
- Nominum DNSSEC Packs
- Ralf Weber, Nominum Inc.
- GSLB / Global Service Loadbalancing
- Ralf Brünig, F5 Networks GmbH
- Nixu NameSurfer Suite
- Jürgen Joswig / Toni Lampela, Nixu Ltd.
- Exanames
- Kariem Hussein / Wolfgang Nagele, Exabit GmbH
- OpenDNSSEC
- Carsten Strotmann, Men & Mice
- The Infoblox DNSSEC Solution
- Dominic Stahl, Infoblox Inc.
3rd DNSSEC Testbed Meeting on 16 June 2010
Agenda
- DNSSEC@DENIC: Testbed "Halftime"
(Peter Koch / Marcos Sanz Grossón, DENIC eG) - Participation in the Testbed and Measurements Relating to NSEC3: An Experience Report
(Florian Obser, Hostserver GmbH) - DNSSEC in the Leibniz Data Center
(Bernhard Schmidt, LRZ – The data center for Munich's universities and for the Bavarian Academy of Sciences) - DNSSEC Introduction of "bund.de"
(Thorsten Dietrich, Federal Agency for Security in Information Technology) - DNSSEC as a Safety Means within the FRITZ!Box Home Router Network
(Martin Duzy, AVM GmbH) - Signing of the Root Zone: Finals have Begun
(Peter Koch, DENIC eG) - DNSSEC@Earth: Seeing the "Big Picture"
(Carsten Strotmann, Men & Mice) - Software Support for DNSSEC
(Ralf Weber, Nominum Inc.) - DNSSEC from a Registrar's Point of View
(Volker Janzen, InterNetX GmbH) - Domain Transfer with DNSSEC
(Samuel Benz, SWITCH – Serving Swiss Universities)
Presentations
- DNSSEC@DENIC: Testbed "Halftime"
- Peter Koch / Marcos Sanz Grossón, DENIC eG
- Participation in the Testbed and Measurements Relating to NSEC3: An Experience Report
- Florian Obser, Hostserver GmbH
- DNSSEC in the Leibniz Data Center
- Bernhard Schmidt, LRZ – The data center for Munich's universities and for the Bavarian Academy of Sciences
- DNSSEC Introduction of "bund.de"
- Thorsten Dietrich, Federal Agency for Security in Information Technology
- DNSSEC as a Safety Means within the FRITZ!Box Home Router Network
- Martin Duzy / Jan Schöllhammer, AVM GmbH
- Signing of the Root Zone: Finals have Begun
- (Link to Information Website Root DNSSEC by ICANN and VeriSign)
- Peter Koch, DENIC eG
- DNSSEC@Earth: Seeing the "Big Picture"
- Carsten Strotmann, Men & Mice
- Software Support for DNSSEC
- Ralf Weber, Nominum Inc.
- DNSSEC from a Registrar's Point of View
- Volker Janzen, InterNetX GmbH
- Domain Transfer with DNSSEC
- Samuel Benz, SWITCH – Serving Swiss Universities
Live Videos of the Event
- DNSSEC@DENIC: Testbed "Halftime"
- Peter Koch / Marcos Sanz Grossón, DENIC eG
- Participation in the Testbed and Measurements Relating to NSEC3: An Experience Report
- Florian Obser, Hostserver GmbH
- DNSSEC in the Leibniz Data Center
- Bernhard Schmidt, LRZ – The data center for Munich's universities and for the Bavarian Academy of Sciences
- DNSSEC Introduction of "bund.de"
- Thorsten Dietrich, Federal Agency for Security in Information Technology
- DNSSEC as a Safety Means within the FRITZ!Box Home Router Network
- Martin Duzy / Jan Schöllhammer, AVM GmbH
- Signing of the Root Zone: Finals have Begun
- Peter Koch, DENIC eG
- DNSSEC@Earth: Seeing the "Big Picture"
- Carsten Strotmann, Men & Mice
- Software Support for DNSSEC
- Ralf Weber, Nominum Inc.
- DNSSEC from a Registrar's Point of View
- Volker Janzen, InterNetX GmbH
- Domain Transfer with DNSSEC
- Samuel Benz, SWITCH – Serving Swiss Universities
2. DNSSEC Testbed Meeting on 26 January 2010
Presentations
- Introduction to the DNSSEC testbed by DENIC (in German)
- Peter Koch / Marcos Sanz Grossón
- With DNSSEC around the world: The status in other TLDs (in German)
- Hans Peter Dittler, Braintec-Netzwerk-Consulting
- DNSSEC in Sweden: Five years' practical experience
- Anne-Marie Eklund Löwinder, .SE
- DNSSEC in Switzerland: First experiences with productive operation
- Samuel Benz, SWITCH
- DNSSEC support by home routers (in German)
- Thorsten Dietrich, BSI
- Signing of the root zone
- Wolfgang Nagele, RIPE NCC
- DNSSEC zone administration via the open source tool ZKT
- Holger Zuleger, HZNET
Live Videos of the Event
- Introduction to the DNSSEC testbed by DENIC (in German)
- Peter Koch / Marcos Sanz Grossón, DENIC
- With DNSSEC around the world: The status in other TLDs (in German)
- Hans Peter Dittler, BRAINTEC Netzwerk-Consulting
- DNSSEC support by home routers (in German)
- Thorsten Dietrich, BSI
- Signing of the root zone
- Wolfgang Nagele, RIPE NCC
- DNSSEC zone administration via the open source tool ZKT (in German)
- Holger Zuleger, HZNET
DNSSEC Testbed: Initial Meeting on 2 July 2009
Presentations
- The DNSSEC Testbed (Sabine Dolderer, DENIC eG) (in German only)
- Background and introduction DNSSEC (Hans Peter Dittler, BRAINTECNetzwerk-ConsultingGmbH) (in German only)
- The DNSSEC Testbed by DENIC (Jörg Schweiger, DENIC eG) (in German only)
- DNSSEC for Internet Service Provider (Ralf Weber, COLT Telecom GmbH) (in German only)
- DNSSEC - Broadband Routers and Firewalls (Thorsten Dietrich, Bundesamt für Sicherheit in der Informationstechnik) (in German only)