Call for Participation -- ICANN DNSSEC and Security Workshop for the ICANN 
Policy Forum

In cooperation with the ICANN Security and Stability Advisory Committee (SSAC), 
we are planning a DNSSEC and Security Workshop for the ICANN87 Annual General 
Meeting. This meeting will be held as a hybrid event from 17-22 October 2026 in 
Bali, Indonesia, at the Bali International Convention Centre. The workshop will 
be held on Wednesday, 21 October 2026.

The DNSSEC and Security Workshop has been a regular part of ICANN meetings for 
several years and has provided a forum for both experienced participants and 
newcomers to meet, present and discuss current and future DNSSEC deployments. 
For reference, the
most recent session was held at the ICANN86 Policy Forum on Monday, 08 June 
2026. The presentations and transcripts are available at the following link: 
Session 
1.<https://urldefense.com/v3/__https:/icann86.sched.com/event/2NQNm/dnssec-security-workshop__;!!PtGJab4!9rFjbZxhHq4IiacwvhhYiACRtfDR7rJ11IUTeMTA0Rn9OFzMbCHHc17tfzn7q2wo_4Ais0OgGMzOafzoi77tPQ$>

The DNSSEC and Security Workshop Program Committee is developing a program for 
the upcoming meeting. Proposals will be considered for the following topic 
areas and included if space permits. In addition, we welcome suggestions for 
additional topics either for inclusion in the ICANN86 workshop, or for 
consideration for future workshops.

1. Global DNSSEC Activities Panel
For this panel, we are seeking participation from those who have been involved 
in DNSSEC deployment as well as from those who have not deployed DNSSEC, but 
who have a keen interest in the challenges and benefits of deployment, 
including Root Key Signing Key (KSK) rollover activities and plans.

2. DNSSEC Best Practices
Now that DNSSEC has become an operational norm for many registries, registrars, 
and ISPs, what have we learned about how we manage DNSSEC?


  *   What are current best practices around key rollovers?
  *   What about algorithm rollovers? Do you use and support DNSKEY Algorithms 
13-17?
  *   How often do you review your disaster-recovery procedures?
  *   Is there operational familiarity within your customer support teams?
  *   What operational statistics have been gathered about DNSSEC?
  *   Are experiences being documented in the form of best practices, or 
something similar, for transfer of signed zones?

Activities and issues related to DNSSEC in the DNS Root Zone are also desired.

3. DNSSEC Deployment Challenges
The program committee is seeking input from those that are interested in 
implementation of DNSSEC but have general concerns with DNSSEC. We are seeking 
input from individuals that would be willing to participate in a panel that 
would discuss questions of the following nature:


  *   Are there any policies directly or indirectly impeding your DNSSEC 
deployment? (e.g., RRR model, CDS/CDNSKEY automation)
  *   What are your most significant concerns with DNSSEC, (e.g., complexity, 
training, implementation, operation, etc.)
  *   What do you expect DNSSEC to provide and what does it not deliver?
  *   What do you see as the most important trade-offs in deploying (or not 
deploying) DNSSEC?

4. Security Panel
We invite presentations on DNS, DNSSEC, routing and other topics that could 
affect the security and/or stability of the Internet. Especially interested in 
implementation issues, challenges, opportunities, and best practices related to:


  *   Emerging threats that could impact the security and/or stability of the 
Internet
  *   DoH and DoT
  *   RPKI (Resource Public Key Infrastructure)
  *   BGP routing and secure implementations
  *   MANRS (Mutually Agreed Norms for Routing Security)
  *   Browser security – DNS, DNSSEC, DoH
  *   Email and DNS-related security – DMARC, DKIM, TLSA, etc…

If you are interested in participating, please send a brief (1-3 sentences) 
description of your proposed presentation to 
[email protected]<mailto:[email protected]> 
by Friday, 18 September 2026.

Thank you,
Dan and Kathy

On behalf of the DNSSEC Workshop Program Committee:
Gautam Akiwate, Stanford University
Steve Crocker, Edgemoor Research Institute
Mark Elkins
Layal Jebran, Kluster X / Moubarmij
Ram Mohan,Identity Digital
Russ Mundy, Tislabs
Peter Thomassen, deSEC
Yoshiro Yoneya, DNSOPS.jp Board
Dan York, Internet Society













_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Reply via email to