ROTLD DNSSEC Implementation
•Download as PPTX, PDF•
0 likes•750 views
This document summarizes the DNSSEC implementation timeline for the .ro top-level domain operated by ROTLD in Romania. It discusses the experimental phase from 2012-2016 where they tested different signing software and key management solutions. In May 2016, they started signing the zone with a 1024-bit RSA ZSK rolling every 90 days and a 2048-bit RSA KSK rolling annually, stored on an HSM device. The production rollout was completed in July 2016, but adoption remains low with only around 150 of 890,000 .ro domains currently signed. Outreach efforts aim to increase awareness among registrars and registrants.
Report
Share
Report
Share
Recommended
IETF Update: Making the Internet Work Better
The IETF is a global community that develops open standards (RFCs) to improve the Internet through working groups and meetings. It has produced standards for key Internet technologies like TCP/IP, email, routing, DNS, and web. The IETF operates through an open process involving mailing lists, draft documents, and meetings held around the world. It has over 100 working groups organized in 7 areas. Participation is open to volunteers and fellowships are available to encourage participation from underrepresented groups.
ION Bucharest - ISOC & Deploy360 overview
The Internet Society is a global non-profit organization founded in 1992 to promote the open development, evolution and use of the Internet. It encourages open standards, provides information about the Internet, and leads discussions on Internet development. It also fosters growth in developing countries through education and training. The Deploy360 program provides technical resources and training to promote the deployment of Internet protocols and security technologies. It operates a web portal, engages on social media, and holds conferences to share knowledge on topics like IPv6, DNSSEC and BGP security best practices.
ION Bucharest - Deploying DNSSEC
This document summarizes Dan York's presentation on deploying DNSSEC. It discusses how DNSSEC helps ensure the integrity of DNS data by using digital signatures to authenticate DNS responses, preventing cache poisoning and man-in-the-middle attacks. It provides examples of normal DNS interactions versus attacks, and how DNSSEC establishes a chain of trust. The presentation also covers the current state of DNSSEC deployment, how it works in combination with TLS/SSL through DANE, and business reasons for organizations to deploy DNSSEC.
ION Islamabad - DANE/DNSSEC/TLS Testing in the go6lab
ION Islamabad, 25 January 2017
By Jan Zorz, Internet Society
Results from DANE/DNSSEC/TLS Testing in the go6lab
ION Cape Town - IETF Update and How to Get Involved
ION Cape Town, 8 September 2015 - What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
ION Islamabad - Deploying DNSSEC
ION Islamabad, 25 January 2017
By Champika Wijayatunga, ICANN
DNSSEC helps prevent attackers from subverting and modifying DNS messages and sending users to wrong (and potentially malicious) sites. So what needs to be done for DNSSEC to be deployed on a large scale? We’ll discuss the business reasons for, and financial implications of, deploying DNSSEC, from staying ahead of the technological curve, to staying ahead of your competition, to keeping your customers satisfied and secure on the Internet. We’ll also examine some of the challenges operators have faced and the opportunities to address those challenges and move deployment forward.
ROTLD DNSSEC Implementation
This document summarizes the DNSSEC implementation timeline for the .ro top-level domain operated by ROTLD in Romania. It discusses the experimental phase from 2012-2016 where they tested different software solutions and key management systems. In May 2016, they obtained hardware security modules and upgraded systems to support DNSSEC. The zone was signed on June 6, 2016 and the DS record was added to the root on July 6, 2016. Currently there are over 150 signed .ro domains but usage remains low, so they are working to increase awareness among registrars and registrants.
ION Sri Lanka - Why Implement DNSSEC?
ION Sri Lanka - Why Implement DNSSEC?
Why Implement DNSSEC?
Jitender Kumar (Afilias)
DNSSEC helps prevent attackers from subverting and modifying DNS messages and sending users to wrong (and potentially malicious) sites. So what needs to be done for DNSSEC to be deployed on a large scale? We’ll discuss the business reasons for, and financial implications of, deploying DNSSEC, from staying ahead of the technological curve, to staying ahead of your competition, to keeping your customers satisfied and secure on the Internet. We’ll also examine some of the challenges operators have faced and the opportunities to address those challenges and move deployment forward.
Recommended
IETF Update: Making the Internet Work Better
The IETF is a global community that develops open standards (RFCs) to improve the Internet through working groups and meetings. It has produced standards for key Internet technologies like TCP/IP, email, routing, DNS, and web. The IETF operates through an open process involving mailing lists, draft documents, and meetings held around the world. It has over 100 working groups organized in 7 areas. Participation is open to volunteers and fellowships are available to encourage participation from underrepresented groups.
ION Bucharest - ISOC & Deploy360 overview
The Internet Society is a global non-profit organization founded in 1992 to promote the open development, evolution and use of the Internet. It encourages open standards, provides information about the Internet, and leads discussions on Internet development. It also fosters growth in developing countries through education and training. The Deploy360 program provides technical resources and training to promote the deployment of Internet protocols and security technologies. It operates a web portal, engages on social media, and holds conferences to share knowledge on topics like IPv6, DNSSEC and BGP security best practices.
ION Bucharest - Deploying DNSSEC
This document summarizes Dan York's presentation on deploying DNSSEC. It discusses how DNSSEC helps ensure the integrity of DNS data by using digital signatures to authenticate DNS responses, preventing cache poisoning and man-in-the-middle attacks. It provides examples of normal DNS interactions versus attacks, and how DNSSEC establishes a chain of trust. The presentation also covers the current state of DNSSEC deployment, how it works in combination with TLS/SSL through DANE, and business reasons for organizations to deploy DNSSEC.
ION Islamabad - DANE/DNSSEC/TLS Testing in the go6lab
ION Islamabad, 25 January 2017
By Jan Zorz, Internet Society
Results from DANE/DNSSEC/TLS Testing in the go6lab
ION Cape Town - IETF Update and How to Get Involved
ION Cape Town, 8 September 2015 - What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
ION Islamabad - Deploying DNSSEC
ION Islamabad, 25 January 2017
By Champika Wijayatunga, ICANN
DNSSEC helps prevent attackers from subverting and modifying DNS messages and sending users to wrong (and potentially malicious) sites. So what needs to be done for DNSSEC to be deployed on a large scale? We’ll discuss the business reasons for, and financial implications of, deploying DNSSEC, from staying ahead of the technological curve, to staying ahead of your competition, to keeping your customers satisfied and secure on the Internet. We’ll also examine some of the challenges operators have faced and the opportunities to address those challenges and move deployment forward.
ROTLD DNSSEC Implementation
This document summarizes the DNSSEC implementation timeline for the .ro top-level domain operated by ROTLD in Romania. It discusses the experimental phase from 2012-2016 where they tested different software solutions and key management systems. In May 2016, they obtained hardware security modules and upgraded systems to support DNSSEC. The zone was signed on June 6, 2016 and the DS record was added to the root on July 6, 2016. Currently there are over 150 signed .ro domains but usage remains low, so they are working to increase awareness among registrars and registrants.
ION Sri Lanka - Why Implement DNSSEC?
ION Sri Lanka - Why Implement DNSSEC?
Why Implement DNSSEC?
Jitender Kumar (Afilias)
DNSSEC helps prevent attackers from subverting and modifying DNS messages and sending users to wrong (and potentially malicious) sites. So what needs to be done for DNSSEC to be deployed on a large scale? We’ll discuss the business reasons for, and financial implications of, deploying DNSSEC, from staying ahead of the technological curve, to staying ahead of your competition, to keeping your customers satisfied and secure on the Internet. We’ll also examine some of the challenges operators have faced and the opportunities to address those challenges and move deployment forward.
ION Bucharest - DANE-DNSSEC-TLS
ION Bucharest, 12 October 2016, Internet Society's Jan Zorz discusses Let's Encrypt and DANE testing in his go6lab.
ION Belfast - IETF Update - Chris Grundemann
The document summarizes the Internet Engineering Task Force (IETF), including that it is an open standards organization where anyone can participate and submit draft documents. It discusses IETF meetings, which are held 3 times per year around the world. Recent and upcoming meeting details are provided. Activities at recent meetings focused on Internet of Things, security, privacy, and IANA transition. IPv6 and DNS activities within several working groups are also summarized.
ION Santiago: Lock It Up: TLS for Network Operators
The document discusses the history and evolution of TLS (Transport Layer Security) and SSL (Secure Sockets Layer), their increasing usage across internet applications and services, and efforts by organizations like IETF and Internet Society to promote stronger encryption and the adoption of TLS. It provides an overview of TLS versions and standards development, factors driving increased TLS usage like Snowden revelations, and resources for network operators and developers to help secure communications over the internet using TLS.
Lots More LOCKSS for Web Archiving: Boons from the LOCKSS Software Re-Archite...
The LOCKSS software is being re-architected to reduce costs, integrate components, and prepare for the evolving web. The new components include tools for bibliographic metadata extraction, publisher heuristics, discovery via metadata, format migration on access, and an audit and repair protocol. The roadmap includes Dockerization, improved access via OpenWayback, and format migration and search web services by the end of 2018. The goal is more community involvement through open development on GitHub.
Securing Data in Transit -
This document provides an overview of securing data in transit using TLS in constrained devices. It begins with introducing the presenters from wolfSSL Inc. and the topics that will be covered, which include an introduction to wolfSSL, an overview of SSL/TLS and cryptography, enabling TLS for a simple HTTP client, emerging ciphers and algorithms, and time for Q&A. It then discusses wolfSSL's history and products. The remainder of the document focuses on explaining SSL/TLS protocols, cipher suites, X.509 certificates, implementing TLS on embedded devices using wolfSSL and the FRDM-K64F board as an example, and emerging ciphers like ChaCha20 and Poly1305.
ION Hangzhou - How to Deploy DNSSEC
This document discusses DNSSEC deployment. It provides an introduction to DNSSEC and outlines the preparation, process, strategy, and potential influences of a DNSSEC deployment. Key aspects include setting up a test environment, upgrading systems, training staff, signing zones and managing keys, implementing the deployment in stages, and dealing with increased size of packets and potential for larger DDoS attacks. Regular key rollover is part of the long-term strategy. Resources for further information are also provided.
wolfSSL TLS 1.3 Support in 2018
This presentation covers the current status of TLS 1.3 in the wolfSSL embedded TLS library (as of the time it was presented). It talks about the Draft status of TLS 1.3, middlebox compatibility, extensions, RSA-PSS negotiation and the specification's progress in the TLSWG (TLS Working Group).
www.wolfssl.com
www.wolfssl.com/tls13
Zero Day Malware Detection/Prevention Using Open Source Software
Zero Day Malware Detection/Prevention Using Open Source Software – Proof of Concept
Fathi Kamil Mohad Zainuddin
Senior Analyst (Malware Research Centre, MyCERT)
The Nextcloud Roadmap for Secure Team Collaboration
Nextcloud is an open source content collaboration platform that provides file sync and sharing, file server capabilities, and groupware functionality as an alternative to proprietary services like Dropbox, Google Suite, and Office 365. It allows for decentralization of data storage across trusted servers using open cloud mesh federation with end-to-end encryption and optional key recovery. Nextcloud supports collaboration across iOS, Android, Mac, Windows, Linux, and through CalDAV/CardDAV integration with email clients and Outlook/Thunderbird plugins.
Module: Welcome to Web 3.0
Web 3.0 joins Blockchains, the Semantic Web, and the Distributed Web in one package and creates a revolution, which will change the way we do networking! In this module, you will learn:
- the issues facing Web2.0 and the motivation for the Web3.0 movement,
- IPFS and its role in Web3.0,
- the progress so far in the IPFS ecosystem.
OpenStack Overview: Deployments and the Big Tent, Toronto 2016
Where are we with OpenStack deployments worldwide and in Canada?
- This presentation is based on the last OpenStack User Surveys and information collected from OpenStack ecosystem in Canada.
- We will also talk about Big Tent, the new OpenStack projects governance.
Unlocking LOCKSS with APIs
This document discusses unlocking the LOCKSS system with APIs to make it more interoperable and enable integration with other digital preservation systems. It describes opportunities to integrate polling/repair functionality, repository replication, and access features through APIs. The goal is to reduce costs by leveraging open-source software, aligning with web archiving standards, and enabling external systems to interact with LOCKSS components through a web services architecture. This will help LOCKSS scale and evolve with changes on the web.
Die Zukunft unserer Daten - Nextcloud
Wir werden zukünftig in einer Welt leben, in der die Dateien der meisten Benutzer von vier großen Unternehmen gehostet werden. Dies gilt für die meisten Heimanwender, Unternehmen, aber auch für Bildungs- und Forschungseinrichtungen. Wenn wir unsere Souveränität über unsere Daten behalten, unsere Privatsphäre schützen und die Abhängigkeit von einem Anbieter verhindern wollen, brauchen wir Open Source und selbst gehostete und föderierte Alternativen.
Das Internet und das Web verwenden eine verteilte und föderierte Architektur. Jetzt müssen wir sicherstellen, dass Cloud-Dienste demselben Modell folgen. Eine neue Herausforderung ist die zunehmende Kombination von Anwendungshosting und -Speicher, wie sie in Office 365 und Google Suite zu finden ist. Dies birgt die Gefahr, zu einer sehr starken Vendor Lock-in zu führen.
In diesem Vortrag werden die laufenden Trends in diesen Bereichen und mögliche Lösungen diskutiert. Außerdem erhalten Sie einen Überblick darüber, wie Nextcloud und Univention UCS zusammenarbeiten und welche neusten Nextcloud-Funktionen es gibt.
Marco Balduzzi - Cyber-crime and attacks in the dark side of the web - Codemo...
The dark-web including TOR, FreeNet and I2P, is that part of the Internet that is not indexed by traditional search engines and where anonymity and confidentiality is enforced at the root. For these characteristics, cyber- criminals started abusing the dark-web to conduct illicit or malicious activities like illegal trading, malware hosting, and more recently targeted attacks. In this talk, we explore the cyber-criminal ecosystem in the dark-web and provides insights on its activities against hidden services and other users.
Encode club introduction_to_libp2p
This document introduces libp2p, a modular peer-to-peer networking stack. It consists of composable building blocks like transports, multiplexers, secure channels, peer discovery, routing, and pubsub. These blocks can be assembled to build future-proof p2p applications like a basic chat app. Libp2p aims to provide full global connectivity and runs on many platforms. It powers several networks and has implementations in multiple languages. The roadmap focuses on decentralization, privacy, and bringing libp2p to more devices and research.
Dev ops in the Digital Repository of Ireland - Stuart Kenny
The Digital Repository of Ireland (DRI) is a digital repository funded by the Irish government to provide long-term access to digital resources from Irish institutions. It uses DevOps practices like continuous integration, virtualization, and Ansible for deployment to develop its open-source Hydra repository solution on OpenNebula cloud infrastructure. Stakeholder requirements were mapped to automated tests to guide development of the multi-institutional repository for multiple data types and access controls.
Secure Communication: Usability and Necessity of SSL/TLS
Network-related applications and devices often use secure communication. Although keeping network communications safe should be a top priority to all developers and engineers, it often gets left behind due to lack of understanding, insufficient funding, or looming deadlines.
Securing a project with SSL shouldn?t have to include a steep learning curve, deep pockets, or an unlimited time frame. By learning a few basics of how things work, where the technology is best used, and what features to look for when trying to choose the right SSL implementation, a developer or engineer can easily, simply, and quickly secure their project - putting both themselves and their employer?s minds at ease.
This presentation will introduce SSL - including why secure communication is important, introductory details about SSL, x509, and the underlying cryptography. It will give an overview of where SSL is used today - including Home Energy, Gaming, Databases, Sensors, VoIP, and more. A description of important items to look for when trying to choose an SSL implementation will give developers and engineers a solid foundation to begin securing their projects with SSL and will enable them to have more informed discussions with potential vendors.
Learn more at www.yassl.com.
Nextcloud als On-Premises Lösung für hochsicheren Datenaustausch (Frank Karli...
Nextcloud is an open-source, self-hosted content collaboration platform that provides file sharing and editing, calendars, contacts, communication tools and other features. It allows organizations to have centralized access to all enterprise data within their own infrastructure or hosted wherever they prefer. Some key benefits of Nextcloud include being open source with no vendor lock-in, highly scalable architecture to support large user bases, and additional security, privacy and compliance features for sensitive workloads. Nextcloud has over 200 customers including government agencies and educational institutions seeking a secure alternative to proprietary cloud services.
Do Something Now: Why Perfect is the Enemy of Good (Enough) in Digital Preser...
Do Something Now: Why Perfect is the Enemy of Good (Enough) in Digital Preser...Artefactual Systems - Archivematica
Slides accompanying a presentation given by Dan Gillean of Artefactual Systems at the PERICLES/DPC joint conference and meeting, "Acting on Change: New Approaches and Future Practices in LTDP," held in London at the Wellcome Collection Conference Center, Nov 30 - Dec 2, 2016.
The talk examines the question of the Capacity Gap - why is it that we have so many tools, services, standards, models, and metrics to support digital preservation, but so many organizations feel they do not have the capacity or capability to begin tackling digital preservation within their institution?
The presentation offers a different take based on Dan's experience working as an analyst and consultant for a software development company engaging with many different types of organizations and individuals in the cultural heritage sector. While acknowledging that the under-resourced nature of cultural heritage work plays a key role, this presentation examines some oft-encountered perceptual or cognitive barriers to getting started with digital preservation. It then provides some suggestions on how to overcome these barriers, acknowledging that anything is better than nothing when it comes to DP, and that sometimes perfect can be the enemy of good. Analysis of TLS in SMTP World
This talk presents a comprehensive analysis of TLS in the SMTP world. We scanned over 20 million unique email recipient domains and analyzed TLS (X.509) certificates to measure overall STARTTLS deployment quality. We discovered a wealth of information that was previously unknown. The analysis will provide a good baseline in terms of STARTTLS and TLS certificates used in SMTP.
Scan tool: https://prbinu.github.io/tls-scan
SSL State of the Union
The document summarizes recent developments in SSL/TLS security including protocol attacks like Heartbleed, efforts to increase trust in certificates like DANE and Certificate Transparency, new protocol features like session tickets and OCSP stapling, and how open source projects have addressed vulnerabilities. It also provides instructions for setting up a test PKI using OpenSSL to test SSL/TLS deployment with real certificates.
Mexico trends mx 042116 (003)
Este documento presenta los hallazgos clave de un estudio sobre tendencias globales de cifrado en México realizado por Ponemon Institute. Algunos de los principales hallazgos incluyen: 1) El área de operaciones de TI tiene la mayor influencia sobre la estrategia de cifrado de una organización; 2) Los datos de recursos humanos son los que más se cifran, mientras que la información de salud es la que menos; 3) Los errores de empleados representan la amenaza más significativa para los datos confidenciales. 4) El cumplimiento normativo es el principal
More Related Content
What's hot
ION Bucharest - DANE-DNSSEC-TLS
ION Bucharest, 12 October 2016, Internet Society's Jan Zorz discusses Let's Encrypt and DANE testing in his go6lab.
ION Belfast - IETF Update - Chris Grundemann
The document summarizes the Internet Engineering Task Force (IETF), including that it is an open standards organization where anyone can participate and submit draft documents. It discusses IETF meetings, which are held 3 times per year around the world. Recent and upcoming meeting details are provided. Activities at recent meetings focused on Internet of Things, security, privacy, and IANA transition. IPv6 and DNS activities within several working groups are also summarized.
ION Santiago: Lock It Up: TLS for Network Operators
The document discusses the history and evolution of TLS (Transport Layer Security) and SSL (Secure Sockets Layer), their increasing usage across internet applications and services, and efforts by organizations like IETF and Internet Society to promote stronger encryption and the adoption of TLS. It provides an overview of TLS versions and standards development, factors driving increased TLS usage like Snowden revelations, and resources for network operators and developers to help secure communications over the internet using TLS.
Lots More LOCKSS for Web Archiving: Boons from the LOCKSS Software Re-Archite...
The LOCKSS software is being re-architected to reduce costs, integrate components, and prepare for the evolving web. The new components include tools for bibliographic metadata extraction, publisher heuristics, discovery via metadata, format migration on access, and an audit and repair protocol. The roadmap includes Dockerization, improved access via OpenWayback, and format migration and search web services by the end of 2018. The goal is more community involvement through open development on GitHub.
Securing Data in Transit -
This document provides an overview of securing data in transit using TLS in constrained devices. It begins with introducing the presenters from wolfSSL Inc. and the topics that will be covered, which include an introduction to wolfSSL, an overview of SSL/TLS and cryptography, enabling TLS for a simple HTTP client, emerging ciphers and algorithms, and time for Q&A. It then discusses wolfSSL's history and products. The remainder of the document focuses on explaining SSL/TLS protocols, cipher suites, X.509 certificates, implementing TLS on embedded devices using wolfSSL and the FRDM-K64F board as an example, and emerging ciphers like ChaCha20 and Poly1305.
ION Hangzhou - How to Deploy DNSSEC
This document discusses DNSSEC deployment. It provides an introduction to DNSSEC and outlines the preparation, process, strategy, and potential influences of a DNSSEC deployment. Key aspects include setting up a test environment, upgrading systems, training staff, signing zones and managing keys, implementing the deployment in stages, and dealing with increased size of packets and potential for larger DDoS attacks. Regular key rollover is part of the long-term strategy. Resources for further information are also provided.
wolfSSL TLS 1.3 Support in 2018
This presentation covers the current status of TLS 1.3 in the wolfSSL embedded TLS library (as of the time it was presented). It talks about the Draft status of TLS 1.3, middlebox compatibility, extensions, RSA-PSS negotiation and the specification's progress in the TLSWG (TLS Working Group).
www.wolfssl.com
www.wolfssl.com/tls13
Zero Day Malware Detection/Prevention Using Open Source Software
Zero Day Malware Detection/Prevention Using Open Source Software – Proof of Concept
Fathi Kamil Mohad Zainuddin
Senior Analyst (Malware Research Centre, MyCERT)
The Nextcloud Roadmap for Secure Team Collaboration
Nextcloud is an open source content collaboration platform that provides file sync and sharing, file server capabilities, and groupware functionality as an alternative to proprietary services like Dropbox, Google Suite, and Office 365. It allows for decentralization of data storage across trusted servers using open cloud mesh federation with end-to-end encryption and optional key recovery. Nextcloud supports collaboration across iOS, Android, Mac, Windows, Linux, and through CalDAV/CardDAV integration with email clients and Outlook/Thunderbird plugins.
Module: Welcome to Web 3.0
Web 3.0 joins Blockchains, the Semantic Web, and the Distributed Web in one package and creates a revolution, which will change the way we do networking! In this module, you will learn:
- the issues facing Web2.0 and the motivation for the Web3.0 movement,
- IPFS and its role in Web3.0,
- the progress so far in the IPFS ecosystem.
OpenStack Overview: Deployments and the Big Tent, Toronto 2016
Where are we with OpenStack deployments worldwide and in Canada?
- This presentation is based on the last OpenStack User Surveys and information collected from OpenStack ecosystem in Canada.
- We will also talk about Big Tent, the new OpenStack projects governance.
Unlocking LOCKSS with APIs
This document discusses unlocking the LOCKSS system with APIs to make it more interoperable and enable integration with other digital preservation systems. It describes opportunities to integrate polling/repair functionality, repository replication, and access features through APIs. The goal is to reduce costs by leveraging open-source software, aligning with web archiving standards, and enabling external systems to interact with LOCKSS components through a web services architecture. This will help LOCKSS scale and evolve with changes on the web.
Die Zukunft unserer Daten - Nextcloud
Wir werden zukünftig in einer Welt leben, in der die Dateien der meisten Benutzer von vier großen Unternehmen gehostet werden. Dies gilt für die meisten Heimanwender, Unternehmen, aber auch für Bildungs- und Forschungseinrichtungen. Wenn wir unsere Souveränität über unsere Daten behalten, unsere Privatsphäre schützen und die Abhängigkeit von einem Anbieter verhindern wollen, brauchen wir Open Source und selbst gehostete und föderierte Alternativen.
Das Internet und das Web verwenden eine verteilte und föderierte Architektur. Jetzt müssen wir sicherstellen, dass Cloud-Dienste demselben Modell folgen. Eine neue Herausforderung ist die zunehmende Kombination von Anwendungshosting und -Speicher, wie sie in Office 365 und Google Suite zu finden ist. Dies birgt die Gefahr, zu einer sehr starken Vendor Lock-in zu führen.
In diesem Vortrag werden die laufenden Trends in diesen Bereichen und mögliche Lösungen diskutiert. Außerdem erhalten Sie einen Überblick darüber, wie Nextcloud und Univention UCS zusammenarbeiten und welche neusten Nextcloud-Funktionen es gibt.
Marco Balduzzi - Cyber-crime and attacks in the dark side of the web - Codemo...
The dark-web including TOR, FreeNet and I2P, is that part of the Internet that is not indexed by traditional search engines and where anonymity and confidentiality is enforced at the root. For these characteristics, cyber- criminals started abusing the dark-web to conduct illicit or malicious activities like illegal trading, malware hosting, and more recently targeted attacks. In this talk, we explore the cyber-criminal ecosystem in the dark-web and provides insights on its activities against hidden services and other users.
Encode club introduction_to_libp2p
This document introduces libp2p, a modular peer-to-peer networking stack. It consists of composable building blocks like transports, multiplexers, secure channels, peer discovery, routing, and pubsub. These blocks can be assembled to build future-proof p2p applications like a basic chat app. Libp2p aims to provide full global connectivity and runs on many platforms. It powers several networks and has implementations in multiple languages. The roadmap focuses on decentralization, privacy, and bringing libp2p to more devices and research.
Dev ops in the Digital Repository of Ireland - Stuart Kenny
The Digital Repository of Ireland (DRI) is a digital repository funded by the Irish government to provide long-term access to digital resources from Irish institutions. It uses DevOps practices like continuous integration, virtualization, and Ansible for deployment to develop its open-source Hydra repository solution on OpenNebula cloud infrastructure. Stakeholder requirements were mapped to automated tests to guide development of the multi-institutional repository for multiple data types and access controls.
Secure Communication: Usability and Necessity of SSL/TLS
Network-related applications and devices often use secure communication. Although keeping network communications safe should be a top priority to all developers and engineers, it often gets left behind due to lack of understanding, insufficient funding, or looming deadlines.
Securing a project with SSL shouldn?t have to include a steep learning curve, deep pockets, or an unlimited time frame. By learning a few basics of how things work, where the technology is best used, and what features to look for when trying to choose the right SSL implementation, a developer or engineer can easily, simply, and quickly secure their project - putting both themselves and their employer?s minds at ease.
This presentation will introduce SSL - including why secure communication is important, introductory details about SSL, x509, and the underlying cryptography. It will give an overview of where SSL is used today - including Home Energy, Gaming, Databases, Sensors, VoIP, and more. A description of important items to look for when trying to choose an SSL implementation will give developers and engineers a solid foundation to begin securing their projects with SSL and will enable them to have more informed discussions with potential vendors.
Learn more at www.yassl.com.
Nextcloud als On-Premises Lösung für hochsicheren Datenaustausch (Frank Karli...
Nextcloud is an open-source, self-hosted content collaboration platform that provides file sharing and editing, calendars, contacts, communication tools and other features. It allows organizations to have centralized access to all enterprise data within their own infrastructure or hosted wherever they prefer. Some key benefits of Nextcloud include being open source with no vendor lock-in, highly scalable architecture to support large user bases, and additional security, privacy and compliance features for sensitive workloads. Nextcloud has over 200 customers including government agencies and educational institutions seeking a secure alternative to proprietary cloud services.
Do Something Now: Why Perfect is the Enemy of Good (Enough) in Digital Preser...
Do Something Now: Why Perfect is the Enemy of Good (Enough) in Digital Preser...Artefactual Systems - Archivematica
Slides accompanying a presentation given by Dan Gillean of Artefactual Systems at the PERICLES/DPC joint conference and meeting, "Acting on Change: New Approaches and Future Practices in LTDP," held in London at the Wellcome Collection Conference Center, Nov 30 - Dec 2, 2016.
The talk examines the question of the Capacity Gap - why is it that we have so many tools, services, standards, models, and metrics to support digital preservation, but so many organizations feel they do not have the capacity or capability to begin tackling digital preservation within their institution?
The presentation offers a different take based on Dan's experience working as an analyst and consultant for a software development company engaging with many different types of organizations and individuals in the cultural heritage sector. While acknowledging that the under-resourced nature of cultural heritage work plays a key role, this presentation examines some oft-encountered perceptual or cognitive barriers to getting started with digital preservation. It then provides some suggestions on how to overcome these barriers, acknowledging that anything is better than nothing when it comes to DP, and that sometimes perfect can be the enemy of good. Analysis of TLS in SMTP World
This talk presents a comprehensive analysis of TLS in the SMTP world. We scanned over 20 million unique email recipient domains and analyzed TLS (X.509) certificates to measure overall STARTTLS deployment quality. We discovered a wealth of information that was previously unknown. The analysis will provide a good baseline in terms of STARTTLS and TLS certificates used in SMTP.
Scan tool: https://prbinu.github.io/tls-scan
What's hot (20)
ION Santiago: Lock It Up: TLS for Network Operators
ION Santiago: Lock It Up: TLS for Network Operators
Lots More LOCKSS for Web Archiving: Boons from the LOCKSS Software Re-Archite...
Lots More LOCKSS for Web Archiving: Boons from the LOCKSS Software Re-Archite...
Zero Day Malware Detection/Prevention Using Open Source Software
Zero Day Malware Detection/Prevention Using Open Source Software
The Nextcloud Roadmap for Secure Team Collaboration
The Nextcloud Roadmap for Secure Team Collaboration
OpenStack Overview: Deployments and the Big Tent, Toronto 2016
OpenStack Overview: Deployments and the Big Tent, Toronto 2016
Marco Balduzzi - Cyber-crime and attacks in the dark side of the web - Codemo...
Marco Balduzzi - Cyber-crime and attacks in the dark side of the web - Codemo...
Dev ops in the Digital Repository of Ireland - Stuart Kenny
Dev ops in the Digital Repository of Ireland - Stuart Kenny
Secure Communication: Usability and Necessity of SSL/TLS
Secure Communication: Usability and Necessity of SSL/TLS
Nextcloud als On-Premises Lösung für hochsicheren Datenaustausch (Frank Karli...
Nextcloud als On-Premises Lösung für hochsicheren Datenaustausch (Frank Karli...
Do Something Now: Why Perfect is the Enemy of Good (Enough) in Digital Preser...
Do Something Now: Why Perfect is the Enemy of Good (Enough) in Digital Preser...
Viewers also liked
SSL State of the Union
The document summarizes recent developments in SSL/TLS security including protocol attacks like Heartbleed, efforts to increase trust in certificates like DANE and Certificate Transparency, new protocol features like session tickets and OCSP stapling, and how open source projects have addressed vulnerabilities. It also provides instructions for setting up a test PKI using OpenSSL to test SSL/TLS deployment with real certificates.
Mexico trends mx 042116 (003)
Este documento presenta los hallazgos clave de un estudio sobre tendencias globales de cifrado en México realizado por Ponemon Institute. Algunos de los principales hallazgos incluyen: 1) El área de operaciones de TI tiene la mayor influencia sobre la estrategia de cifrado de una organización; 2) Los datos de recursos humanos son los que más se cifran, mientras que la información de salud es la que menos; 3) Los errores de empleados representan la amenaza más significativa para los datos confidenciales. 4) El cumplimiento normativo es el principal
RBMovil Powered by CHARGE Anywhere: MWC
The document discusses mobile payment solutions from CHARGE Anywhere. It describes CHARGE Anywhere's end-to-end payment processing ecosystem that enables secure offline and online transactions from mobile devices. It also discusses how CHARGE Anywhere partnered with RBM, a Colombian payment processor, to launch RBMovil, a mobile payment application to help address challenges in Colombia's cash-heavy market and increase financial inclusion.
Protecting application delivery without network security blind spots
SSL/TLS is extensively used to protect web traffic, but the technology can also be exploited to create security blind spots. SSL/TLS encrypted tunnels can be used to hide malicious codes and other threats from network security and performance monitoring tools. To prevent possible malware propagation across networks requires decrypt/encrypt capabilities that enable careful traffic monitoring and inspection.
Don Laursen, Sr. Product Manager from F5 and Juan Asenjo, Sr. Partner Manager at Thales e-Security, explain how a security architecture using application delivery controllers (ADCs) and hardware security modules (HSMs) can ensure you can optimizes web services with traffic inspection, while safeguarding and managing the critical cryptographic keys that underpin security.
Or why not listen to the webcast: https://www.thales-esecurity.com/knowledge-base/webcasts/protecting-application-delivery-without-network-security-blind-spots
TLS State of the Union
This document summarizes the state of TLS and SSL security. It discusses how the Heartbleed vulnerability exposed vulnerabilities in over 60% of websites. It also discusses increased efforts to improve TLS security like the Linux Foundation providing funding to OpenSSL and the rise of free certificate authorities like Let's Encrypt. The document advocates for best practices like enabling forward secrecy, moving to TLS 1.3, and avoiding SHA-1 certificates.
Futurex Secure Key Injection Solution
Futurex provides encryption solutions including the SKI9000 device for direct key injection. The SKI9000 allows loading keys securely into up to sixteen POS terminals or ATM PIN pads at once using a graphical interface. It stores keys as encrypted cryptograms for security and supports DUKPT key standards. Futurex helps customers comply with regulations by providing expertise on secure key injection rooms and key management.
Decision criteria and analysis for hardware-based encryption
Organizations trying to balance the risk of data breaches against the cost of pervasive encryption often balk at the trade-off. The use of hardware security modules (HSMs) in conjunction with applications that perform encryption improves the protection afforded to encryption keys and the encryption processes themselves, but cost considerations typically limit the scope of their deployment.
This slidedeck provides an explanation of criteria to help organizations decide which applications or data would benefit most from hardware-based encryption and key protection. The criteria are designed to make those decisions repeatable, consistent, and specific for any application, based on the organization’s sensitivity to cost, risk tolerance, and performance requirements. Real-world examples are also included!
Our why not listen to the webcast: https://www.thales-esecurity.com/knowledge-base/webcasts/sans-webcast
[Application guide] IoT Protocol gateway
The document describes an IoT protocol gateway that allows communication between multiple PLCs/devices and transfer of data to information systems via open protocols like Modbus TCP/RTU. The gateway supports over 450 PLC protocol drivers, has flexible I/O and wireless options, and provides an easy way to convert proprietary protocols to Modbus TCP/RTU with minimal configuration needed. It also lists the product portfolio and contact information for Advantech's Open HMI and Control Solutions division.
Cloud payments (HCE): a simpler step with Thales HSMs
Deploying a cloud payment (HCE) solution can be a daunting and complex task. Cryptographic and key management requirements don't have to be something to slow down your project. At Thales e-Security we have been at the forefront of designing solutions to reduce the complexity of cryptographic security and implementation, helping organisations rapidly bring solutions to market.
This slidedeck explains the key management requirements of the various schemes' specifications, and explains how using Thales HSMs can shorten your development cycle and allow you to rapidly bring your product to market.
Or why not listen to the webcast: https://www.thales-esecurity.com/knowledge-base/webcasts/cloud-payments-made-simpler-with-thales-hsms
Innovation Solutions
The document discusses innovative solutions from Thales for the railway and harbour environment. It describes Thales Rail Signalling Solutions and its portfolio, including ARAMIS, an integrated solution for railway-harbour interfaces. ARAMIS provides functions like train supervision and automatic route setting. It has key features like scalability and reliability. The document also briefly mentions other Thales solutions like electronic interlocking systems and the Checkpoint train condition monitoring system.
Thales e-Security corporate presentation
The document discusses data protection solutions from Thales e-Security and Vormetric. It notes that increased connectivity has driven the need for trusted relationships and data security. Encryption solves many security and compliance issues but current solutions have created "encryption silos" that are complex, inefficient, and expensive to manage. The combination of Thales e-Security and Vormetric will create a powerful data security platform with a broad range of encryption, key management, and tokenization capabilities to address these issues. It provides concise summaries of the solutions and value propositions.
Risk Analysis Of Banking Malware Attacks
Analysis of How Banking Malware Like Zeus Exploit Weakenesses In On-Line Banking Applications and Security Controls. This prezo is a walkthrough the attack scenarion, the attack vectors, the vulnerability exploits and the techniques to model the threats so that countermeasures can be identified
Cloud based payments: the future of mobile payments?
Since HCE first became available in Android handsets, card issuers have been using it to deliver mobile payment solutions to the customers. With scheme specifications and the arrival of tokenization there has been an increasing rate of adoption. Now, with a growing number of payment options becoming available from the 'X-Pays' and a growing convergence between on-line, in-store and in-app transactions, what is the future for cloud based payments?
Or why not listen to the webcast https://www.thales-esecurity.com/knowledge-base/webcasts/cloud-based-payments-the-future-of-mobile-payments
thales-corporate-presentation 2015
Thales is a global company involved in aerospace, space, transportation, defense, and security. It has 65,000 employees operating in 56 countries. Thales provides critical technology solutions that help customers make safe and secure decisions. It focuses on innovation through large investments in R&D and partnerships with academic institutions. Safety and security are at the core of Thales's mission to deliver smarter solutions to customers around the world.
Le contrat agile ce n'est pas si simple que ça
Présentation sur le contrat Agile faite le 17 juin 2016 à Agile France.
L'article associé à cet événement, contenant notamment la vidéo de la session est disponible sur le blog beule.fr à cette adresse :
http://blog.beule.fr/analyses-dexpert/le-contrat-agile-ce-nest-pas-si-simple-que-ca/
HSM Basic Training
Thales payShield 9000 basic training by Md. Budrul Hasan Bhuiyan. This training helps bank people to understand HSM.
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Dr. Mohammad Shahir gave a presentation on cyber security threats facing organizations. He discussed common attack types like phishing, malware, and DDoS attacks. He explained how these attacks work and real-world examples like the RSA and Target data breaches. Shahir covered prevention methods like firewalls and user awareness training. The presentation aimed to help participants understand common cyber attacks and how to prevent and prepare for future threats.
Security for e commerce
This document discusses security in e-commerce. It covers various threats to e-commerce like human error, espionage, and network threats. It also discusses security goals like confidentiality, integrity, authentication and availability. Cryptography techniques like symmetric and asymmetric encryption are described as ways to provide security. Requirements for e-commerce security like message privacy, integrity, authentication, authorization and payment are outlined.
Payment Hsm Payshield9000
This document provides an overview of Thales Payment HSMs (hardware security modules). It discusses Thales' history in payment HSMs and the features of their current payShield 9000 model. Key points covered include how Thales HSMs work using a command/response API, examples of common commands, physical interfaces, local master keys, hardware and software options, and certifications. Useful collateral materials for learning more about Thales Payment HSMs are also listed.
Viewers also liked (19)
Protecting application delivery without network security blind spots
Protecting application delivery without network security blind spots
Decision criteria and analysis for hardware-based encryption
Decision criteria and analysis for hardware-based encryption
Cloud payments (HCE): a simpler step with Thales HSMs
Cloud payments (HCE): a simpler step with Thales HSMs
Cloud based payments: the future of mobile payments?
Cloud based payments: the future of mobile payments?
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Similar to ROTLD DNSSEC Implementation
RIPE 71 and IETF 94 reports webinar
The document summarizes discussions from IETF 94 and RIPE 71 conferences. Several new DNS-related RFCs were published, including ones on DNSSEC, DANE, and IPv6. Discussions also covered DNS record ordering, DS record management automation, and measuring the SMTP over TLS adoption. IPv6 performance improvements were noted since 2011, though challenges remain. DNSTAP was introduced as a new technology for monitoring DNS server operations with minimal performance impact.
DNS Measurement Activity on ITB 2010
ITB is participating in several Internet measurement projects to monitor DNS activity and measure the growth of the Internet from a global perspective. This includes DITL 2010, run by OARC, which collects DNS data to analyze trends in IPv4/IPv6 growth and secure DNS adoption. ITB has also installed a Gulliver measurement box to monitor DNS reachability and response times to root servers from its location. Further analysis of the data collected can provide insights into DNS performance and uncover any anomalies.
DNSSEC/DANE/TLS Testing in Go6Lab
Jan Žorž tested DNSSEC, DANE, and TLS implementations in the Go6lab. He signed DNS zones with OpenDNSSEC and BIND9. Nearly 70% of SMTP sessions to top Alexa domains used TLS, with the majority having trusted certificates. DANE verification worked when domains and records were signed, but failed when the chain of trust was broken. Renewing Let's Encrypt certificates required keeping the underlying key to maintain valid 3.1.1 TLSA records.
ESDIN - OGC Web Services Shibboleth Interoperability Experiment (OSI)
This document summarizes a webinar about an interoperability experiment (IE) testing the integration of Shibboleth single sign-on and OGC web services. The IE involved several organizations demonstrating that their OGC client software could access protected WMS and WFS through a Shibboleth federation. The goal was to show clients from different organizations successfully authenticating and accessing map and feature services across administrative boundaries without changes to OGC specifications or Shibboleth. The webinar demonstrated examples of desktop and browser-based clients accessing services after single sign-on.
DNSSec: Internet achter de schermen
The document discusses DNSSEC and efforts to secure the Domain Name System (DNS). It describes common DNS security threats like cache poisoning, where an attacker provides false data to a caching name server by guessing query IDs. The Kaminsky attack exploited a flaw that made it possible to guess IDs and poison caches without prior knowledge of the target domain's cache contents. DNSSEC aims to prevent such attacks by digitally signing DNS data to verify its integrity and authenticity.
Oracle - Continuous Delivery NYC meetup, June 07, 2018
The document discusses Oracle's approach to containerization and Kubernetes. It provides an overview of container native development and Oracle's vision of an end-to-end container native suite. It also describes Oracle Container Engine (OKE) which provides a fully managed Kubernetes service on Oracle Cloud Infrastructure.
OpenStack Marketing Meeting Oct 2
The 10th release of OpenStack supports new use cases across many industries through expanded support of technologies. Key themes of the release include improved enterprise maturity, networking advances like NFV support, new data processing and container support through Docker integration, and continued focus on the user experience. Over 300 blueprints were completed and over 3,200 bugs were fixed for the 10th release. New features were added across Compute, Storage, Networking, and Shared Services like Identity. The next Kilo release is scheduled for April 2015 and will focus on integrating Bare Metal provisioning and setting the stage for new projects.
ION Santiago: What's Happening at the IETF? Internet Standards and How to Get...
ION Santiago: What's Happening at the IETF? Internet Standards and How to Get...Deploy360 Programme (Internet Society)
Presentation given by Alvaro Retana at ION Santiago in Chile on 28 October 2014.
What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions, including bringing the IETF to Latin America in 2016.After summit catch up
Sharing experiencew after the first OpenStack Summit taking place in Europe. Quick review at the latest OpenStack Juno release.
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
APNIC Director General Paul Wilson gives a presentation on Internet number registry services - the next generation at ThaiNOG 2019, held with BKNIX 2019 in Bangkok, Thailand from 7 to 8 May 2019.
PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...
Bart van der Sloot joined FiberRing as Managing Director in April 2014, with the objectives to further grow and enhance the footprint, quality and business of FiberRing’s 2 Tbps global IP network, covering over 50 locations on 3 continents. From 1999 to 2013 Bart worked at Global Crossing (acquired by Level 3 in 2011), where he developed staffing, systems and business processes for Global Crossing’s European brand new sales team, built and coached a Wholesale Sales team to sign new telecom customers and grow revenues in various countries across Europe, led Global Crossing’s expansion into Central and Eastern Europe and established Level 3’s position in the Benelux broadcast market.
Samer Abdel-Hafez joined the FiberRing network team in December 2013 as Network Design Engineer. Samer’s responsibilities within the team include planning capacity for the large traffic volume of FiberRing, arranging interconnections in new locations and markets, designing advanced ad-hoc solutions for the FiberRing network and customers and advise the Network support team on day to day issues.
Abstract: FiberRing operates one of the largest content networks in the world, peaking at over 2 Tb/s. In order to facilitate troubleshooting, detect attacks and saving important data as router configurations, we implement a series of tools mostly implemented in house or open source.
The key point of this presentation is to describe how FiberRing is using these tools for:
monitoring: FiberRing makes extensive use of Opsview (Nagios) and NMIS. We utilise Opsview for alerts and reporting and NMIS for detailed traffic analysis.
capacity planning: FiberRing choose PMACCT as netflow collector software and implemented an in house front-end solution that helps us locate strategic peering partners and explore ways to reduce the costs to deliver our content.
DDOS attacks detection: As every large hosting provider, we are regularly target of DDoS attacks. We implement a set of linux boxes running running nfcapd to collect traffic flows with 1 minute/per host granularity. This gives us great flexibility and incredibly valuable data to quick detect attacks and take corrective actions.
routers’ configuration backups: FiberRing is actively involved in the development of Oxidized, an innovative configuration backup tool which poses itself as rancid replacement.
SCAPE - Scalable Preservation Environments
Ross King, Project Director of SCAPE, gave a short presentation of the EU funded project SCAPE, including descriptions of tools for planning and monitoring digital preservation, scalable computation and repositories, SCAPE Testbeds and where to learn more.
The presentation was given at the workshop ‘Preservation at Scale’ http://bit.ly/17ppAln in connection with the iPres2013 conference in Lissabon, Portugal, in September 2013.
RDAP @ .at
at ICANN69's virtual Techday, Alex Mayrhofer of nic.at speaks about the current state of .at's RDAP server prototype. The primary goal of the prototype is to the provide the local CERT with in-depth information about .at domain names. The prototype is used to develop and test-drive a few advanced RDAP features and pave the way to a potential public service.
Vp ns
This document discusses virtual private networks (VPNs) and provides information on various VPN types and implementations. It begins by explaining that VPNs are used to connect private networks via the internet in a secure manner. It then covers IP-based VPNs and their components like encryption and encapsulation. The document also summarizes VPN characteristics, types including server, firewall and router-based, architectures, best practices, and different implementation methods such as IPSec and SSL-based VPNs.
BKK16-205 RDK-B IoT
RDKB is Open Source Broadband Gateway platform stack, built on top of an OpenEmbedded build framework. It’s currently deployed on all Comcast broadband home gateways. This talk will introduce the internals of RDKB and features forming the basis of the IoT framework for the Comcast Network.
OAS SSIG 2016 - IETF-LAC & LACNOG - Alvaro Retana - Cisco
Alvaro Retana Presentation in OAS SSIG 2016 - Washington DC
Organization of American States (OAS) / Inter- American Committee against Terrorism (CICTE) / IETF-LAC / LACNOG
An Open and Collaborative Ecosystem for IoT
This document summarizes a presentation about open source and open standards for the Internet of Things (IoT). It discusses the promise and challenges of the IoT, including many disjoint efforts and standards. It then describes OpenStack and OpenDaylight, two open source projects that provide platforms for cloud computing and SDN/NFV. Finally, it discusses how open source and open standards can be combined to accelerate innovation for the IoT through collaboration on efforts like oneM2M, IoT Data Broker, Time Series Data Repository, and putting the pieces together through projects like OPNFV.
Oracle Solaris Software Integration
Oracle Software Integration
Onder Ozbek, Sr Product Manager
Yoana Gyurova, Product Manager
June 14, 2016
Introduction to Openstack Network
A quick introduction to Openstack Network Features, an overview of the Open vSwitch plugin with logical-2-physical mappins
3rd meetup Openstack User Group Italy
IP Address Certification (RPKI)
Presentation given by Mirjam Kühne and Ivo Dijkhuis at TF-CSIRT (the computer security incident response teams task force) in Poznań on 21st & 22nd May 2015
Similar to ROTLD DNSSEC Implementation (20)
ESDIN - OGC Web Services Shibboleth Interoperability Experiment (OSI)
ESDIN - OGC Web Services Shibboleth Interoperability Experiment (OSI)
Oracle - Continuous Delivery NYC meetup, June 07, 2018
Oracle - Continuous Delivery NYC meetup, June 07, 2018
ION Santiago: What's Happening at the IETF? Internet Standards and How to Get...
ION Santiago: What's Happening at the IETF? Internet Standards and How to Get...
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...
PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...
OAS SSIG 2016 - IETF-LAC & LACNOG - Alvaro Retana - Cisco
OAS SSIG 2016 - IETF-LAC & LACNOG - Alvaro Retana - Cisco
More from Deploy360 Programme (Internet Society)
ION Belgrade - Jordi Palet Martinez IPv6 Success Stories
23 November 2017 - At ION Belgrade, Jordi Palet Martinez discusses some IPv6 statistics as part of a panel on deployment.
ION Belgrade - ISOC Serbia Belgrade Chapter Presentation
23 November 2017 - At ION Belgrade, Desiree Miloshevic presents on the ISOC Serbia Belgrade Chapter, its activities, and how to get involved.
ION Belgrade - IETF Update
23 November 2017 - At ION Belgrade, Kevin Meynell discusses what happened at the recent IETF meeting, and how to get involved in the open Internet standards community.
ION Belgrade - Opening Slides
The document provides information about the Internet Society and its Deploy360 program. It summarizes that the Internet Society was founded 25 years ago to support the technical evolution and use of the Internet. Its Deploy360 program aims to advance the real-world deployment of protocols like IPv6, DNSSEC, and TLS by providing hands-on technical resources for networks. The program involves online documentation, events, and engaging with first adopters to share deployment experiences. It encourages participation through its website, social media, and industry events.
ION Belgrade - MANRS by Serbian Open eXchange (SOX)
23 November 2017 - ION Belgrade MANRS presentation by Dr. Nenad Krajnovic from Serbian Open eXchange (SOX)
ION Belgrade - Closing Slides
This document provides information about joining the Internet Society and its Serbia chapter to help preserve the open internet. It encourages attendees to get involved by creating content or providing feedback to help develop resources for internet deployments. Contact details and links are given to follow developments and access presentation materials from the conference.
AusNOG - Two Years of Good MANRS
September 2017 - Aftab Siddiqui presents on the Mutually Agreed Norms for Routing Security (MANRS), and how we can work together to improve the security and resiliency of the Internet's routing system.
ION Malta - IETF Update
18 September 2017 - ION Malta
What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
ION Malta - MANRS Introduction
Collaboration and shared responsibility are two pillars supporting the Internet’s growth and success. While the global routing system has worked well, it has significant security challenges that we must address. In this panel, security experts will discuss how we can create a culture of collective responsibility and improve the global routing system, including an introduction to the “Mutually Agreed Norms for Routing Security” (MANRS).
ION Malta - Introduction to DNSSEC
18 September 2017 - ION Malta
DNSSEC helps prevent attackers from subverting and modifying DNS messages and sending users to wrong (and potentially malicious) sites. So what needs to be done for DNSSEC to be deployed on a large scale? We’ll discuss the reasons for deploying DNSSEC, examine some of the challenges operators have faced, and address those challenges and move deployment forward.
ION Malta - DANE: The Future of TLS
18 September 2017 - Rick Lamb, ICANN, on DANE:
If you connect to a “secure” server using TLS/SSL (such as a web server, email server or xmpp server), how do you know you are using the correct certificate? With DNSSEC now being deployed, “DANE” (“DNS-Based Authentication of Named Entities”) has emerged allowing you to securely specify exactly which TLS/SSL certificate an application should use to connect to your site. DANE has great potential to make the Internet much more secure by marrying the strong integrity protection of DNSSEC with the confidentiality of SSL/TLS certificates. In this session, we will explain how DANE works and how you can use it to secure your websites, email, XMPP, VoIP, and other web services.
ION Malta - IANA Transition Roles & Accountability
18 September 2017 - At ION Malta, Adam Peake discusses the IANA transition:
The IANA transition was successfully completed in October 2016 creating strengthened relationships between the IETF (Internet protocols and standards), Regional Internet Registries RIRs (IP addresses), and ccTLD and gTLD operators and TLD community and ICANN. A new organisation, Public Technical Identifiers (PTI), an affiliate of ICANN, is now responsible for performing the IANA functions and delivering the IANA Services on behalf of ICANN. The session will discuss these new arrangements and how they have enhanced ICANN’s accountability and transparency to the global Internet community. The session will also describe how ICANN is preparing for the Root KSK Rollover.
ION Malta - IPv6 Case Study: Finland
This document summarizes Finland's efforts to promote IPv6 adoption. It discusses the formation of the Finnish IPv6 Task Force to develop recommendations for IPv6 implementation. It also describes Finland's national IPv6 launch in 2015, where major ISPs enabled IPv6 for over 5 million broadband subscriptions. As a result, IPv6 usage increased significantly. The document discusses challenges faced during the transition like upgrading network equipment and changing attitudes. It concludes that while work remains, the launch was successful and IPv6 introduction costs can be limited by starting with easier implementations.
ION Malta - Seeweb Thoughts on IPv6 Transition
The document discusses Marco d'Itri's thoughts on the transition to IPv6. It describes the transition as ongoing, with no flag days, as IPv6 adoption grows. It notes that while IPv4 NAT is easy for access networks, it is difficult for servers. Many large content providers already use IPv6. The transition involves steps before IPv4 addresses ran out, the current transition period, and after the transition when IPv4 will be optional. IPv6 adoption is growing in several countries like Belgium and the US. Eventually IPv4-only islands will need to make themselves accessible over IPv6. The document provides advice on starting an IPv6 transition and offers a simple IPv6 addressing plan.
ION Malta - Seeweb Why MANRS is good for you
MANRS protects networks and reputations by preventing BGP leaks and spoofing that can saturate networks or attack infrastructure. Implementing MANRS filtering of BGP customers and spoofed traffic helps avoid these issues. It also allows other networks to filter your routes to prevent leaks. While RPSL is complex, registering autonomous systems and routes in the RIPE database through simple objects helps third parties and saves time for automation. Overall, MANRS establishes basic management practices that benefit networks by improving stability and security.
ION Malta - Opening Slides
18 September 2017 - Opening slides at ION Malta discussing the Internet Society, its 25th anniversary, and the Deploy360 Programme.
ION Malta - Closing Slides
The document provides information about celebrating 25 years of the Internet Society and getting involved in various initiatives. It encourages readers to help shape the future of the internet, visit websites for more resources, follow social media accounts, and find presentation archives from a past conference. Contact details are also listed.
ION Durban - How peering behaviour affects growth of the internet
ION Durban - How peering behaviour affects growth of the internetDeploy360 Programme (Internet Society)
7 September 2017 - At ION Conference Durban, William Stucke presents on how peering behaviour affects growth of the Internet? ION Durban - Introduction to ISOC Gauteng Chapter
The document summarizes Thato Mfikwe's presentation at the ION Conference 2017 in Durban about the ISOC South Africa Gauteng Chapter. It provides details about the chapter's establishment, vision, pillars, membership reach across Africa and Europe, and projects from 2014-2016 and planned for 2017 focusing on community networks, policy engagement, outreach, and training. It also discusses ICT, internet governance landscape, topics at the ION conference including DNS, IPv6, cyber threats, and secure routing.
ION Durban - What's Happening at the IETF?
7 September 2017 - At ION Conference Durban, South Africa, Kevin Meynell discusses what's happening at the IETF in the world of Internet standards, and how you can get involved in the process.
More from Deploy360 Programme (Internet Society) (20)
ION Belgrade - Jordi Palet Martinez IPv6 Success Stories
ION Belgrade - Jordi Palet Martinez IPv6 Success Stories
ION Belgrade - ISOC Serbia Belgrade Chapter Presentation
ION Belgrade - ISOC Serbia Belgrade Chapter Presentation
ION Belgrade - MANRS by Serbian Open eXchange (SOX)
ION Belgrade - MANRS by Serbian Open eXchange (SOX)
ION Malta - IANA Transition Roles & Accountability
ION Malta - IANA Transition Roles & Accountability
ION Durban - How peering behaviour affects growth of the internet
ION Durban - How peering behaviour affects growth of the internet
Recently uploaded
June Patch Tuesday
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
20240609 QFM020 Irresponsible AI Reading List May 2024
Everything I found interesting about the irresponsible use of machine intelligence in May 2024
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...Edge AI and Vision Alliance
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays, June 2024 with Maria Copot 20
Webinar: Designing a schema for a Data Warehouse
Are you new to data warehouses (DWH)? Do you need to check whether your data warehouse follows the best practices for a good design? In both cases, this webinar is for you.
A data warehouse is a central relational database that contains all measurements about a business or an organisation. This data comes from a variety of heterogeneous data sources, which includes databases of any type that back the applications used by the company, data files exported by some applications, or APIs provided by internal or external services.
But designing a data warehouse correctly is a hard task, which requires gathering information about the business processes that need to be analysed in the first place. These processes must be translated into so-called star schemas, which means, denormalised databases where each table represents a dimension or facts.
We will discuss these topics:
- How to gather information about a business;
- Understanding dictionaries and how to identify business entities;
- Dimensions and facts;
- Setting a table granularity;
- Types of facts;
- Types of dimensions;
- Snowflakes and how to avoid them;
- Expanding existing dimensions and facts.
Taking AI to the Next Level in Manufacturing.pdf
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Digital Marketing Trends in 2024 | Guide for Staying Ahead
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
OpenID AuthZEN Interop Read Out - Authorization
During Identiverse 2024 and EIC 2024, members of the OpenID AuthZEN WG got together and demoed their authorization endpoints conforming to the AuthZEN API
HCL Notes and Domino License Cost Reduction in the World of DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Choosing The Best AWS Service For Your Website + API.pptx
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Recently uploaded (20)
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
ROTLD DNSSEC Implementation
- 2. .ro Registry - ROTLD • ROTLD is a department of “National Intitute for R&D in Informatics – ICI Bucharest” • ICI is a state-owned company, coordinated by Ministry of Communication and for Informational Society • In 1992, ICI operated the first connection to Internet from Romania • It was the first ISP in Romania for research and education organizations, starting in 1992 • February 26, 1993: IANA delegated the authority to register .ro domain names to ICI Bucharest
- 3. .ro Registry - ROTLD • .ro is an “open” TLD, any person or entity is permitted to register • Registration on a “first come - first serve” principle • At present there is only one-time payment for registration, no renewal fee (need to be changed) • Direct registration or using one of more than 90 Registrars • Registrars can register in real time using APIs (EPP or REST)
- 5. .ro DNSSEC Timeline Experimental .ro signed DS in Root General availability 6 June 2016 6 July 201617 May 2016Since 2012
- 6. .ro DNSSEC Experimental Phase (1) • Starting in late 2012 • Getting familiar with DNSSEC technology, training and courses at RIPE NCC and IIS (.SE registry) • First TestBed operational in 2013, working with BIND and in house developed key management software • Tests with complete chain of trust using reverse and ENUM zones • Decided to also test different signing software solutions
- 7. .ro DNSSEC Experimental Phase (2) • Second TestBed with OpenDNSSEC v1.4 with SoftHSM • .ro zone is dynamically updated • At that time OpenDNSSEC didn’t support that so problems encounter • BIND was the next choice with “auto-dnssec maintain” • Developed a brand new key management system using OpenDNSSEC backend and Java
- 8. .ro DNSSEC Experimental Phase (3) • HSM devices acquisition (Thales nShield Connect+) in 2015 • BIND officially support this HSM in native PKCS#11 mode • Redundant deployment using Security World, easy backup of RFS, unlimited key storage, load sharing of cryptographic operations • Phisically secured
- 9. .ro DNSSEC Experimental Phase (4) • Upgraded registration system to support DNSSEC (databases, middleware, REST, EPP, frontend apps) • Audit the network infrastructure ( especially firewalls). • Continuous service monitoring and zone validation (Nagios, Cacti and other custom tools)
- 10. .ro DNSSEC Experimental Phase (5) • Final design: BIND with HSM + OpenDNSSEC backend + in house key management software
- 11. .ro DNSSEC Experimental Phase (6) • Why it took so long: • Initially not a high priority project • Lack of a dedicated team until 2015 • Intermittent work periods • Tested multiple software solutions • Delayed acquisition procedures • Minimize the risks of errors when the system is in production
- 12. .ro DNSSEC in production • ZSK 1024 bits RSA-SHA256 (rolled at 90 days) • KSK 2028 bits RSA-SHA256 (rolled every year) • NSEC3, OPT-OUT signing • 30 days RRSIG validity • Allowed DS record algorithms: 3, 5, 6, 7, 8, 10, 12, 13, 14 and hash type 1 and 2 • First signed domain was rotld.ro
- 13. .ro DNSSEC in production • Currently very low used • Around 150 signed domains (less than 0.02% from 890.000 total .ro domains) • Raise awareness among community • Organize workshops for registrars and registrants
- 14. .ro DNSSEC Thank You ! Ing. Catalin LEANCA catalinl@rotld.ro http://www.rotld.ro