http://kernsec.org/wiki/index.php?action=history&feed=atom&title=Linux_Security_Summit_2012%2FAbstracts%2FWouters 2026-04-18T10:06:01Z Revision history for this page on the wiki MediaWiki 1.36.1 http://kernsec.org/wiki/index.php?title=Linux_Security_Summit_2012/Abstracts/Wouters&diff=3300&oldid=prev 2012-06-27T03:57:11Z

<p>New page: == Title == DNSSEC: The Shiny New Cryptographically Secured Globally Distributed Database == Presenter == Paul Wouters, Red Hat == Abstract == DNSSEC was designed to protect the Domai...</p> <p><b>New page</b></p><div>== Title ==<br /> <br /> DNSSEC: The Shiny New Cryptographically Secured Globally Distributed Database<br /> <br /> == Presenter ==<br /> <br /> Paul Wouters, Red Hat<br /> <br /> == Abstract ==<br /> <br /> DNSSEC was designed to protect the Domain Name System from an ever<br /> increasing stream of DNS spoofing attacks and (non-)malicious DNS<br /> rewriting schemes. But from the start, many intended to use this new<br /> distributed and digitally signed database for other purposes as well.<br /> <br /> DNSSEC can already be used to secure large scale TLS SSH and VPN<br /> deployments. Other emerging ideas to use DNSSEC in the near future include<br /> protecting instant messaging and email traffic, and identification of<br /> WebID, OTR and PGP identities. And with DNSSEC chains, devices could<br /> even authenticate to each other without an active internet connection.<br /> <br /> The audience is strongly encouraged to discuss and find out if and<br /> how they can leverage DNSSEC for themselves. A discussion comparing<br /> DNSSEC against the Certificate Agency industry is sure to fill up any<br /> remaining time.<br /> <br /> The presentation will be given using a Linux laptop utilising a VPN and<br /> TLS connection secured by cryptographic keys obtained via DNSSEC.</div>

JamesMorris