Wednesday, 17 October 09:00 - 10:30
B. DNS OARC Update
|C. Update on the Root KSK Roll|
|D. Will your DNS break in 2019?|
Is your authoritative server ready for changes in 2019? Group of DNS software vendors is removing support for certain types of non-compliance with DNS standards. This talk will explain what https://dnsflagday.net/ means for you and how to prepare your DNS infrastructure to minimize impact.
|E. Managing DNS zones using Git|
Why ISPs like us edit zone files manually. The most common errors and how to fight them. Introducing dzonegit, custom open-source solution to keep zone files in Git.
Thursday, 18 October 14:00 - 15:30
|F. RIPE NCC Report|
Switching to a new DNSSEC signer.
Upcoming 100Gig site for K-root.
|G. GeoIP + DNSSEC in Knot DNS|
In this talk we will briefly introduce a new response tailoring feature of Knot DNS 2.7, an open-source authoritative-only DNS server developed by CZ.NIC. We will show how to configure Knot DNS server to tailor responses to queries according to client's geographic location or subnet the client belongs to. The module can be used securely with DNSSEC, either effectively by precomputing signatures at load, or online in cooperation with Knot DNS's Online Sign module.
|H. IETF DNSOP WG Update|
A short summary of current activities/drafts/discussions/views in the DNSOP WG.
We would like to have RIPE participant (operator) input on the current discussions and drafts.
|I. Updated Measurements on DNS Privacy|
An update on the benchmarking of TCP/TLS for recursive resolvers presented at RIPE 76.
|J. Any Other Business|