SlideShare a Scribd company logo

DNS / DNSSEC / DANE / DPRIVE Results at IETF93 Hackathon

Dan York
Dan York

This shows the results of the DNS team at the IETF 93 Hackathon in Prague on July 18-19, 2015. It includes links to the public repositories where code may be found.

Technology
1 of 7
Download to read offline
DNS  /  DNSSEC  /  DANE  /  DPRIVE   Results  at  IETF  93  Hackathon   18-­‐19  July  2015   Prague,  Czech  Republic  
Summary  –  What  We  Are  Working  On   Web   Server   Web   Browser   &  stub   resolver   hTps://example.com/   web  page   DNS   Resolver   +   ValidaZon   10.1.1.123   DNSKEY   RRSIGs   1 25 6 DNS  Svr   example.com   DNS  Svr   .com   DNS  Svr   root   3 10.1.1.123   4 example.com   NS   DS   .com   NS   DS   example.com?   INTEGRITY  –  DNSSEC  TRUST  IN  TLS  -­‐  DANE   CONFIDENTIALITY  -­‐  DPRIVE  
DNS  at  #IETFHackathon  at  #IETF93   •  Visual  interface  to  show  what  DNSSEC  algorithms  are  supported   by  a  DNS  resolver   •  Tool  to  test  for  DNSSEC  roadblocks   –  dra_-­‐ie`-­‐dnsop-­‐dnssec-­‐roadblock-­‐avoidance   •  Prototype  web  server  implementaLon  –  TLS  extension  to  deliver   DNSSEC  authenLcaLon  chain  to  client   –  dra_-­‐shore-­‐tls-­‐dnssec-­‐chain-­‐extension   •  DNS  confidenLality/privacy  (DPRIVE)   –  Fixed  opportunisZc  TLS  in  both  getdns  and  Unbound  to  be  strict   authenZcated  TLS   1.  Added  funcZonality  to  getdns  API  to  authenZcate  TLS  server.     2.  Patched  Unbound  server:  forward-­‐secret  key  exchange;  enabled   sending  full  TLS  cerZficate  chain  in  handshake   •  JSON  interface  to  IANA  registry  of  DNSSEC  algorithms  
Public  releases   •  Visual  interface  to  check  DNSSEC  algorithms   –  hTps://github.com/ogud/DNSSEC_ALG_Check     –  hTps://github.com/getdnsapi/IETF93HackathonNode     •  Tool  to  test  for  DNSSEC  roadblock  avoidance   –  hTps://www.ie`.org/registraZon/MeeZngWiki/wiki/ dnsresolvercapabiliZes   –  hSps://getdnsapi.net/roadblock.php     –  hTps://github.com/getdnsapi/IETF93HackathonPHP     •  DNS  confidenZality/privacy  -­‐  TLS   –  Patches  going  into  next  release  of  getdns  API   –  Patch  available  for  Unbound   •  JSON  interface  to  IANA  registry  of  DNSSEC  algorithms   –  hTps://github.com/danyork/dnssec-­‐algs-­‐json    
Tool  to  test  DNSSEC  algorithm  support   •  Implemented  in  Node.js  using  getdns  API  
Tool  to  test  DNSSEC  Roadblocks   •  Implemented  in  PHP  using  getdns  API  
DNS  Hackers   •  Sara  Dickinson   •  Daniel  Kahn  Gillmor   (dkg)   •  Ólafur  Guðmundsson   •  Shumon  Huque   •  Allison  Mankin   •  Benno  Overeinder   •  Wendy  Seltzer   •  Willem  Toorop   •  Gowri  Visweswaran   •  Tim  Wicinski   •  Dan  York  

Recommended

How broken is TLS?
How broken is TLS?How broken is TLS?
How broken is TLS?hannob
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPFastly
 
Rate Limiting with NGINX and NGINX Plus
Rate Limiting with NGINX and NGINX PlusRate Limiting with NGINX and NGINX Plus
Rate Limiting with NGINX and NGINX PlusNGINX, Inc.
 
Random musings on SSL/TLS configuration
Random musings on SSL/TLS configurationRandom musings on SSL/TLS configuration
Random musings on SSL/TLS configurationextremeunix
 
SF Python Meetup - Introduction to NATS Messaging with Python3
SF Python Meetup - Introduction to NATS Messaging with Python3SF Python Meetup - Introduction to NATS Messaging with Python3
SF Python Meetup - Introduction to NATS Messaging with Python3wallyqs
 
DockerCon Live 2020 - Securing Your Containerized Application with NGINX
DockerCon Live 2020 - Securing Your Containerized Application with NGINXDockerCon Live 2020 - Securing Your Containerized Application with NGINX
DockerCon Live 2020 - Securing Your Containerized Application with NGINXKevin Jones
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINXNGINX, Inc.
 
GoSF: Decoupling Services from IP networks with NATS
GoSF: Decoupling Services from IP networks with NATSGoSF: Decoupling Services from IP networks with NATS
GoSF: Decoupling Services from IP networks with NATSwallyqs
 

Recommended

How broken is TLS?
How broken is TLS?How broken is TLS?
How broken is TLS?hannob
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPFastly
 
Rate Limiting with NGINX and NGINX Plus
Rate Limiting with NGINX and NGINX PlusRate Limiting with NGINX and NGINX Plus
Rate Limiting with NGINX and NGINX PlusNGINX, Inc.
 
Random musings on SSL/TLS configuration
Random musings on SSL/TLS configurationRandom musings on SSL/TLS configuration
Random musings on SSL/TLS configurationextremeunix
 
SF Python Meetup - Introduction to NATS Messaging with Python3
SF Python Meetup - Introduction to NATS Messaging with Python3SF Python Meetup - Introduction to NATS Messaging with Python3
SF Python Meetup - Introduction to NATS Messaging with Python3wallyqs
 
DockerCon Live 2020 - Securing Your Containerized Application with NGINX
DockerCon Live 2020 - Securing Your Containerized Application with NGINXDockerCon Live 2020 - Securing Your Containerized Application with NGINX
DockerCon Live 2020 - Securing Your Containerized Application with NGINXKevin Jones
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINXNGINX, Inc.
 
GoSF: Decoupling Services from IP networks with NATS
GoSF: Decoupling Services from IP networks with NATSGoSF: Decoupling Services from IP networks with NATS
GoSF: Decoupling Services from IP networks with NATSwallyqs
 
Dhcp security #netseckh
Dhcp security #netseckhDhcp security #netseckh
Dhcp security #netseckhHEM Sothon
 
KubeConEU - NATS Deep Dive
KubeConEU - NATS Deep DiveKubeConEU - NATS Deep Dive
KubeConEU - NATS Deep Divewallyqs
 
Debugging Network Issues
Debugging Network IssuesDebugging Network Issues
Debugging Network IssuesApcera
 
NGiNX, VHOSTS & SSL (let's encrypt)
NGiNX, VHOSTS & SSL (let's encrypt)NGiNX, VHOSTS & SSL (let's encrypt)
NGiNX, VHOSTS & SSL (let's encrypt)Marcel Cattaneo
 
Using NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheUsing NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheKevin Jones
 
Delivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXDelivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXNGINX, Inc.
 
DoH, DoT and ESNI
DoH, DoT and ESNIDoH, DoT and ESNI
DoH, DoT and ESNIJisc
 
OSCON: Building Cloud Native Apps with NATS
OSCON: Building Cloud Native Apps with NATSOSCON: Building Cloud Native Apps with NATS
OSCON: Building Cloud Native Apps with NATSwallyqs
 
5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocity5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocitysarahnovotny
 
KubeCon NA 2018 - NATS Deep Dive: The Evolution of NATS
KubeCon NA 2018 - NATS Deep Dive: The Evolution of NATSKubeCon NA 2018 - NATS Deep Dive: The Evolution of NATS
KubeCon NA 2018 - NATS Deep Dive: The Evolution of NATSwallyqs
 
Connect Everything with NATS - Cloud Expo Europe
Connect Everything with NATS - Cloud Expo EuropeConnect Everything with NATS - Cloud Expo Europe
Connect Everything with NATS - Cloud Expo Europewallyqs
 
NATS for Rubyists - Tokyo Rubyist Meetup
NATS for Rubyists - Tokyo Rubyist MeetupNATS for Rubyists - Tokyo Rubyist Meetup
NATS for Rubyists - Tokyo Rubyist Meetupwallyqs
 
Scaling Push Messaging for Millions of Devices @Netflix
Scaling Push Messaging for Millions of Devices @NetflixScaling Push Messaging for Millions of Devices @Netflix
Scaling Push Messaging for Millions of Devices @NetflixC4Media
 
An analysis of TLS handshake proxying
An analysis of TLS handshake proxyingAn analysis of TLS handshake proxying
An analysis of TLS handshake proxyingNick Sullivan
 
CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23
CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23
CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23Nick Sullivan
 
Bringing Elliptic Curve Cryptography into the Mainstream
Bringing Elliptic Curve Cryptography into the MainstreamBringing Elliptic Curve Cryptography into the Mainstream
Bringing Elliptic Curve Cryptography into the MainstreamNick Sullivan
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINXKevin Jones
 
What's New in Go Crypto - Gotham Go
What's New in Go Crypto - Gotham GoWhat's New in Go Crypto - Gotham Go
What's New in Go Crypto - Gotham GoNick Sullivan
 
Volker Fröhlich - How to Debug Common Agent Issues
Volker Fröhlich - How to Debug Common Agent IssuesVolker Fröhlich - How to Debug Common Agent Issues
Volker Fröhlich - How to Debug Common Agent IssuesZabbix
 
NGINX Plus PLATFORM For Flawless Application Delivery
NGINX Plus PLATFORM For Flawless Application DeliveryNGINX Plus PLATFORM For Flawless Application Delivery
NGINX Plus PLATFORM For Flawless Application DeliveryAshnikbiz
 
Hands-on getdns Tutorial
Hands-on getdns TutorialHands-on getdns Tutorial
Hands-on getdns TutorialShumon Huque
 
getdns PyCon presentation
getdns PyCon presentationgetdns PyCon presentation
getdns PyCon presentationMelinda Shore
 

More Related Content

What's hot

Dhcp security #netseckh
Dhcp security #netseckhDhcp security #netseckh
Dhcp security #netseckhHEM Sothon
 
KubeConEU - NATS Deep Dive
KubeConEU - NATS Deep DiveKubeConEU - NATS Deep Dive
KubeConEU - NATS Deep Divewallyqs
 
Debugging Network Issues
Debugging Network IssuesDebugging Network Issues
Debugging Network IssuesApcera
 
NGiNX, VHOSTS & SSL (let's encrypt)
NGiNX, VHOSTS & SSL (let's encrypt)NGiNX, VHOSTS & SSL (let's encrypt)
NGiNX, VHOSTS & SSL (let's encrypt)Marcel Cattaneo
 
Using NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheUsing NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheKevin Jones
 
Delivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXDelivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXNGINX, Inc.
 
DoH, DoT and ESNI
DoH, DoT and ESNIDoH, DoT and ESNI
DoH, DoT and ESNIJisc
 
OSCON: Building Cloud Native Apps with NATS
OSCON: Building Cloud Native Apps with NATSOSCON: Building Cloud Native Apps with NATS
OSCON: Building Cloud Native Apps with NATSwallyqs
 
5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocity5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocitysarahnovotny
 
KubeCon NA 2018 - NATS Deep Dive: The Evolution of NATS
KubeCon NA 2018 - NATS Deep Dive: The Evolution of NATSKubeCon NA 2018 - NATS Deep Dive: The Evolution of NATS
KubeCon NA 2018 - NATS Deep Dive: The Evolution of NATSwallyqs
 
Connect Everything with NATS - Cloud Expo Europe
Connect Everything with NATS - Cloud Expo EuropeConnect Everything with NATS - Cloud Expo Europe
Connect Everything with NATS - Cloud Expo Europewallyqs
 
NATS for Rubyists - Tokyo Rubyist Meetup
NATS for Rubyists - Tokyo Rubyist MeetupNATS for Rubyists - Tokyo Rubyist Meetup
NATS for Rubyists - Tokyo Rubyist Meetupwallyqs
 
Scaling Push Messaging for Millions of Devices @Netflix
Scaling Push Messaging for Millions of Devices @NetflixScaling Push Messaging for Millions of Devices @Netflix
Scaling Push Messaging for Millions of Devices @NetflixC4Media
 
An analysis of TLS handshake proxying
An analysis of TLS handshake proxyingAn analysis of TLS handshake proxying
An analysis of TLS handshake proxyingNick Sullivan
 
CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23
CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23
CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23Nick Sullivan
 
Bringing Elliptic Curve Cryptography into the Mainstream
Bringing Elliptic Curve Cryptography into the MainstreamBringing Elliptic Curve Cryptography into the Mainstream
Bringing Elliptic Curve Cryptography into the MainstreamNick Sullivan
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINXKevin Jones
 
What's New in Go Crypto - Gotham Go
What's New in Go Crypto - Gotham GoWhat's New in Go Crypto - Gotham Go
What's New in Go Crypto - Gotham GoNick Sullivan
 
Volker Fröhlich - How to Debug Common Agent Issues
Volker Fröhlich - How to Debug Common Agent IssuesVolker Fröhlich - How to Debug Common Agent Issues
Volker Fröhlich - How to Debug Common Agent IssuesZabbix
 
NGINX Plus PLATFORM For Flawless Application Delivery
NGINX Plus PLATFORM For Flawless Application DeliveryNGINX Plus PLATFORM For Flawless Application Delivery
NGINX Plus PLATFORM For Flawless Application DeliveryAshnikbiz
 

What's hot (20)

Dhcp security #netseckh
Dhcp security #netseckhDhcp security #netseckh
Dhcp security #netseckh
 
KubeConEU - NATS Deep Dive
KubeConEU - NATS Deep DiveKubeConEU - NATS Deep Dive
KubeConEU - NATS Deep Dive
 
Debugging Network Issues
Debugging Network IssuesDebugging Network Issues
Debugging Network Issues
 
NGiNX, VHOSTS & SSL (let's encrypt)
NGiNX, VHOSTS & SSL (let's encrypt)NGiNX, VHOSTS & SSL (let's encrypt)
NGiNX, VHOSTS & SSL (let's encrypt)
 
Using NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheUsing NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content Cache
 
Delivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXDelivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINX
 
DoH, DoT and ESNI
DoH, DoT and ESNIDoH, DoT and ESNI
DoH, DoT and ESNI
 
OSCON: Building Cloud Native Apps with NATS
OSCON: Building Cloud Native Apps with NATSOSCON: Building Cloud Native Apps with NATS
OSCON: Building Cloud Native Apps with NATS
 
5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocity5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocity
 
KubeCon NA 2018 - NATS Deep Dive: The Evolution of NATS
KubeCon NA 2018 - NATS Deep Dive: The Evolution of NATSKubeCon NA 2018 - NATS Deep Dive: The Evolution of NATS
KubeCon NA 2018 - NATS Deep Dive: The Evolution of NATS
 
Connect Everything with NATS - Cloud Expo Europe
Connect Everything with NATS - Cloud Expo EuropeConnect Everything with NATS - Cloud Expo Europe
Connect Everything with NATS - Cloud Expo Europe
 
NATS for Rubyists - Tokyo Rubyist Meetup
NATS for Rubyists - Tokyo Rubyist MeetupNATS for Rubyists - Tokyo Rubyist Meetup
NATS for Rubyists - Tokyo Rubyist Meetup
 
Scaling Push Messaging for Millions of Devices @Netflix
Scaling Push Messaging for Millions of Devices @NetflixScaling Push Messaging for Millions of Devices @Netflix
Scaling Push Messaging for Millions of Devices @Netflix
 
An analysis of TLS handshake proxying
An analysis of TLS handshake proxyingAn analysis of TLS handshake proxying
An analysis of TLS handshake proxying
 
CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23
CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23
CFSSL 1.1: The Evolution of a PKI toolkit - DEF CON 23
 
Bringing Elliptic Curve Cryptography into the Mainstream
Bringing Elliptic Curve Cryptography into the MainstreamBringing Elliptic Curve Cryptography into the Mainstream
Bringing Elliptic Curve Cryptography into the Mainstream
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINX
 
What's New in Go Crypto - Gotham Go
What's New in Go Crypto - Gotham GoWhat's New in Go Crypto - Gotham Go
What's New in Go Crypto - Gotham Go
 
Volker Fröhlich - How to Debug Common Agent Issues
Volker Fröhlich - How to Debug Common Agent IssuesVolker Fröhlich - How to Debug Common Agent Issues
Volker Fröhlich - How to Debug Common Agent Issues
 
NGINX Plus PLATFORM For Flawless Application Delivery
NGINX Plus PLATFORM For Flawless Application DeliveryNGINX Plus PLATFORM For Flawless Application Delivery
NGINX Plus PLATFORM For Flawless Application Delivery
 

Similar to DNS / DNSSEC / DANE / DPRIVE Results at IETF93 Hackathon

Hands-on getdns Tutorial
Hands-on getdns TutorialHands-on getdns Tutorial
Hands-on getdns TutorialShumon Huque
 
getdns PyCon presentation
getdns PyCon presentationgetdns PyCon presentation
getdns PyCon presentationMelinda Shore
 
Encrypted DNS - DNS over TLS / DNS over HTTPS
Encrypted DNS - DNS over TLS / DNS over HTTPSEncrypted DNS - DNS over TLS / DNS over HTTPS
Encrypted DNS - DNS over TLS / DNS over HTTPSAlex Mayrhofer
 
How to send DNS over anything encrypted
How to send DNS over anything encryptedHow to send DNS over anything encrypted
How to send DNS over anything encryptedMen and Mice
 
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)Dan York
 
Nginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixNginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixHarald Zeitlhofer
 
COSCUP 2019 - CDN in an Edge Box
COSCUP 2019 - CDN in an Edge BoxCOSCUP 2019 - CDN in an Edge Box
COSCUP 2019 - CDN in an Edge BoxShihta Kuan
 
TIAD 2016 : Application delivery in a container world
TIAD 2016 : Application delivery in a container worldTIAD 2016 : Application delivery in a container world
TIAD 2016 : Application delivery in a container worldThe Incredible Automation Day
 
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto Docker, Inc.
 
DANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSECDANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSECShumon Huque
 
DNSSEC signing Tutorial
DNSSEC signing Tutorial DNSSEC signing Tutorial
DNSSEC signing Tutorial Men and Mice
 
Windows Server 2016 Webinar
Windows Server 2016 WebinarWindows Server 2016 Webinar
Windows Server 2016 WebinarMen and Mice
 
Securing Network Access with Open Source solutions
Securing Network Access with Open Source solutionsSecuring Network Access with Open Source solutions
Securing Network Access with Open Source solutionsNick Owen
 
What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?NGINX, Inc.
 
NGINX Installation and Tuning
NGINX Installation and TuningNGINX Installation and Tuning
NGINX Installation and TuningNGINX, Inc.
 

Similar to DNS / DNSSEC / DANE / DPRIVE Results at IETF93 Hackathon (20)

Hands-on getdns Tutorial
Hands-on getdns TutorialHands-on getdns Tutorial
Hands-on getdns Tutorial
 
getdns PyCon presentation
getdns PyCon presentationgetdns PyCon presentation
getdns PyCon presentation
 
Encrypted DNS - DNS over TLS / DNS over HTTPS
Encrypted DNS - DNS over TLS / DNS over HTTPSEncrypted DNS - DNS over TLS / DNS over HTTPS
Encrypted DNS - DNS over TLS / DNS over HTTPS
 
Introduction To The DANE Protocol (DNSSEC)
Introduction To The DANE Protocol (DNSSEC)Introduction To The DANE Protocol (DNSSEC)
Introduction To The DANE Protocol (DNSSEC)
 
ION Sri Lanka - DANE: The Future of TLS
ION Sri Lanka - DANE: The Future of TLSION Sri Lanka - DANE: The Future of TLS
ION Sri Lanka - DANE: The Future of TLS
 
ION Bucharest - Deploying DNSSEC
ION Bucharest - Deploying DNSSECION Bucharest - Deploying DNSSEC
ION Bucharest - Deploying DNSSEC
 
How to send DNS over anything encrypted
How to send DNS over anything encryptedHow to send DNS over anything encrypted
How to send DNS over anything encrypted
 
IoT Secure Bootsrapping : ideas
IoT Secure Bootsrapping : ideasIoT Secure Bootsrapping : ideas
IoT Secure Bootsrapping : ideas
 
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)
 
Nginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixNginx, PHP, Apache and Spelix
Nginx, PHP, Apache and Spelix
 
COSCUP 2019 - CDN in an Edge Box
COSCUP 2019 - CDN in an Edge BoxCOSCUP 2019 - CDN in an Edge Box
COSCUP 2019 - CDN in an Edge Box
 
TIAD 2016 : Application delivery in a container world
TIAD 2016 : Application delivery in a container worldTIAD 2016 : Application delivery in a container world
TIAD 2016 : Application delivery in a container world
 
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
 
8 technical-dns-workshop-day4
8 technical-dns-workshop-day48 technical-dns-workshop-day4
8 technical-dns-workshop-day4
 
DANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSECDANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSEC
 
DNSSEC signing Tutorial
DNSSEC signing Tutorial DNSSEC signing Tutorial
DNSSEC signing Tutorial
 
Windows Server 2016 Webinar
Windows Server 2016 WebinarWindows Server 2016 Webinar
Windows Server 2016 Webinar
 
Securing Network Access with Open Source solutions
Securing Network Access with Open Source solutionsSecuring Network Access with Open Source solutions
Securing Network Access with Open Source solutions
 
What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?
 
NGINX Installation and Tuning
NGINX Installation and TuningNGINX Installation and Tuning
NGINX Installation and Tuning
 

More from Dan York

Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible)
Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible) Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible)
Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible) Dan York
 
SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?Dan York
 
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?Dan York
 
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?Open Source and The Global Disruption Of Telecom: What Choices Will We Make?
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?Dan York
 
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...Dan York
 
How IPv6 Will Kill Telecom - And What We Need To Do About It
How IPv6 Will Kill Telecom - And What We Need To Do About ItHow IPv6 Will Kill Telecom - And What We Need To Do About It
How IPv6 Will Kill Telecom - And What We Need To Do About ItDan York
 
SIP, Unified Communications (UC) and Security
SIP, Unified Communications (UC) and SecuritySIP, Unified Communications (UC) and Security
SIP, Unified Communications (UC) and SecurityDan York
 
ClueCon2009: The Security Saga of SysAdmin Steve
ClueCon2009: The Security Saga of SysAdmin SteveClueCon2009: The Security Saga of SysAdmin Steve
ClueCon2009: The Security Saga of SysAdmin SteveDan York
 
SIP Trunking & Security in an Enterprise Network
SIP Trunking & Security in an Enterprise NetworkSIP Trunking & Security in an Enterprise Network
SIP Trunking & Security in an Enterprise NetworkDan York
 
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XML
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XMLOSCON 2008: Mashing Up Voice and the Web Using Open Source and XML
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XMLDan York
 
IP Telephony Security 101
IP Telephony Security 101IP Telephony Security 101
IP Telephony Security 101Dan York
 
Recording Remote Hosts/Interviews with VoIP/Skype
Recording Remote Hosts/Interviews with VoIP/SkypeRecording Remote Hosts/Interviews with VoIP/Skype
Recording Remote Hosts/Interviews with VoIP/SkypeDan York
 
Hacking and Attacking VoIP Systems - What You Need To Know
Hacking and Attacking VoIP Systems - What You Need To KnowHacking and Attacking VoIP Systems - What You Need To Know
Hacking and Attacking VoIP Systems - What You Need To KnowDan York
 
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best PracticesE Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best PracticesDan York
 
BLISS Problem Statement and Motivation
BLISS Problem Statement and MotivationBLISS Problem Statement and Motivation
BLISS Problem Statement and MotivationDan York
 
ETel2007: The Black Bag Security Review (VoIP Security)
ETel2007: The Black Bag Security Review (VoIP Security)ETel2007: The Black Bag Security Review (VoIP Security)
ETel2007: The Black Bag Security Review (VoIP Security)Dan York
 

More from Dan York (16)

Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible)
Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible) Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible)
Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible)
 
SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?
 
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?
 
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?Open Source and The Global Disruption Of Telecom: What Choices Will We Make?
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?
 
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
 
How IPv6 Will Kill Telecom - And What We Need To Do About It
How IPv6 Will Kill Telecom - And What We Need To Do About ItHow IPv6 Will Kill Telecom - And What We Need To Do About It
How IPv6 Will Kill Telecom - And What We Need To Do About It
 
SIP, Unified Communications (UC) and Security
SIP, Unified Communications (UC) and SecuritySIP, Unified Communications (UC) and Security
SIP, Unified Communications (UC) and Security
 
ClueCon2009: The Security Saga of SysAdmin Steve
ClueCon2009: The Security Saga of SysAdmin SteveClueCon2009: The Security Saga of SysAdmin Steve
ClueCon2009: The Security Saga of SysAdmin Steve
 
SIP Trunking & Security in an Enterprise Network
SIP Trunking & Security in an Enterprise NetworkSIP Trunking & Security in an Enterprise Network
SIP Trunking & Security in an Enterprise Network
 
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XML
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XMLOSCON 2008: Mashing Up Voice and the Web Using Open Source and XML
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XML
 
IP Telephony Security 101
IP Telephony Security 101IP Telephony Security 101
IP Telephony Security 101
 
Recording Remote Hosts/Interviews with VoIP/Skype
Recording Remote Hosts/Interviews with VoIP/SkypeRecording Remote Hosts/Interviews with VoIP/Skype
Recording Remote Hosts/Interviews with VoIP/Skype
 
Hacking and Attacking VoIP Systems - What You Need To Know
Hacking and Attacking VoIP Systems - What You Need To KnowHacking and Attacking VoIP Systems - What You Need To Know
Hacking and Attacking VoIP Systems - What You Need To Know
 
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best PracticesE Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
 
BLISS Problem Statement and Motivation
BLISS Problem Statement and MotivationBLISS Problem Statement and Motivation
BLISS Problem Statement and Motivation
 
ETel2007: The Black Bag Security Review (VoIP Security)
ETel2007: The Black Bag Security Review (VoIP Security)ETel2007: The Black Bag Security Review (VoIP Security)
ETel2007: The Black Bag Security Review (VoIP Security)
 

Recently uploaded

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 

Recently uploaded (20)

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 

DNS / DNSSEC / DANE / DPRIVE Results at IETF93 Hackathon

  • 1. DNS  /  DNSSEC  /  DANE  /  DPRIVE   Results  at  IETF  93  Hackathon   18-­‐19  July  2015   Prague,  Czech  Republic  
  • 2. Summary  –  What  We  Are  Working  On   Web   Server   Web   Browser   &  stub   resolver   hTps://example.com/   web  page   DNS   Resolver   +   ValidaZon   10.1.1.123   DNSKEY   RRSIGs   1 25 6 DNS  Svr   example.com   DNS  Svr   .com   DNS  Svr   root   3 10.1.1.123   4 example.com   NS   DS   .com   NS   DS   example.com?   INTEGRITY  –  DNSSEC  TRUST  IN  TLS  -­‐  DANE   CONFIDENTIALITY  -­‐  DPRIVE  
  • 3. DNS  at  #IETFHackathon  at  #IETF93   •  Visual  interface  to  show  what  DNSSEC  algorithms  are  supported   by  a  DNS  resolver   •  Tool  to  test  for  DNSSEC  roadblocks   –  dra_-­‐ie`-­‐dnsop-­‐dnssec-­‐roadblock-­‐avoidance   •  Prototype  web  server  implementaLon  –  TLS  extension  to  deliver   DNSSEC  authenLcaLon  chain  to  client   –  dra_-­‐shore-­‐tls-­‐dnssec-­‐chain-­‐extension   •  DNS  confidenLality/privacy  (DPRIVE)   –  Fixed  opportunisZc  TLS  in  both  getdns  and  Unbound  to  be  strict   authenZcated  TLS   1.  Added  funcZonality  to  getdns  API  to  authenZcate  TLS  server.     2.  Patched  Unbound  server:  forward-­‐secret  key  exchange;  enabled   sending  full  TLS  cerZficate  chain  in  handshake   •  JSON  interface  to  IANA  registry  of  DNSSEC  algorithms  
  • 4. Public  releases   •  Visual  interface  to  check  DNSSEC  algorithms   –  hTps://github.com/ogud/DNSSEC_ALG_Check     –  hTps://github.com/getdnsapi/IETF93HackathonNode     •  Tool  to  test  for  DNSSEC  roadblock  avoidance   –  hTps://www.ie`.org/registraZon/MeeZngWiki/wiki/ dnsresolvercapabiliZes   –  hSps://getdnsapi.net/roadblock.php     –  hTps://github.com/getdnsapi/IETF93HackathonPHP     •  DNS  confidenZality/privacy  -­‐  TLS   –  Patches  going  into  next  release  of  getdns  API   –  Patch  available  for  Unbound   •  JSON  interface  to  IANA  registry  of  DNSSEC  algorithms   –  hTps://github.com/danyork/dnssec-­‐algs-­‐json    
  • 5. Tool  to  test  DNSSEC  algorithm  support   •  Implemented  in  Node.js  using  getdns  API  
  • 6. Tool  to  test  DNSSEC  Roadblocks   •  Implemented  in  PHP  using  getdns  API  
  • 7. DNS  Hackers   •  Sara  Dickinson   •  Daniel  Kahn  Gillmor   (dkg)   •  Ólafur  Guðmundsson   •  Shumon  Huque   •  Allison  Mankin   •  Benno  Overeinder   •  Wendy  Seltzer   •  Willem  Toorop   •  Gowri  Visweswaran   •  Tim  Wicinski   •  Dan  York