We had a full-day program so we covered topics including IPv6, DNSSEC, Securing BGP, and TLS for Applications.
ION Conferences bring network engineers and leading industry experts together to discuss emerging technologies and hot technology topics. Early adopters provide valuable insight into their own deployment experiences and bring participants up to speed on new standards emerging from the IETF.
ION lets network operators stay ahead of the curve to understand and deploy emerging Internet technologies, and presents a unique opportunity to discuss the future of the Internet with the people who help craft it. More than a simple lecture series, ION events provide hands-on interaction with our speakers so you walk away with the answers you need to deploy new standards and technologies on your own networks.
Events bring together the best and brightest from the Internet industry to learn about the latest news, ideas, and technologies in a relaxed and educational atmosphere.
Agenda
| TIME | SCHEMA |
| 9:00 AM | Introduction to the Internet Society and Deploy360 Megan Kruse, Internet Society Presentation |
| 9:15 AM | Introduction to the Internet Society Malta Chapter Jasper Schellekens, President |
| 9:30 AM | IPv6 Deployment in Malta vs The World It’s been five years since World IPv6 Launch, when thousands of Internet Service Providers, home networking equipment manufacturers, and web companies around the world came together to permanently enable IPv6 on their products and services. Where are we now on the path to full global IPv6 adoption? We’ll discuss the current state of IPv6 adoption, within Malta and around the world. Nathalie Trenaman, RIPE NCCMANRS, Routing Security, and Collaboration Presentation |
| 10:00 AM | An IPv6 Case Study: Finland The Finnish national IPv6 launch (www.ipv6now.fi) was organized in 2015 and the share of the IPv6 traffic grew from zero to more than 15%. How we did it and lessons learned. Industry wide co-operation is crucial as are leader companies to build peer pressure. I will present a short case study from one of our ISPs including a brief description of the main challenges and benefits. Also the national IPv6 implementation recommendation will be shortly presented. Klaus Nieminen, Finnish Communications Regulatory Authority (FICORA) Presentation |
| 10:30 AM | BREAK |
| 11:00 AM | Panel Discussion: MANRS, Routing Security, and Collaboration Collaboration and shared responsibility are two pillars supporting the Internet’s growth and success. While the global routing system has worked well, it has significant security challenges that we must address. In this panel, security experts will discuss how we can create a culture of collective responsibility and improve the global routing system, including an introduction to the “Mutually Agreed Norms for Routing Security” (MANRS). Kevin Meynell, Internet Society; Marco d’Itri Presentation 1 / Presentation 2 |
| 11:45 AM | Introduction to DNSSEC and Why We Need It DNSSEC helps prevent attackers from subverting and modifying DNS messages and sending users to wrong (and potentially malicious) sites. So what needs to be done for DNSSEC to be deployed on a large scale? We’ll discuss the reasons for deploying DNSSEC, examine some of the challenges operators have faced, and address those challenges and move deployment forward. Richard Lamb, ICANN Presentation |
| 12:15 PM | LUNCH |
| 1:30 PM | What’s Happening at the IETF? Internet Standards and How to Get Involved What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions. Kevin Meynell, Internet Society Presentation |
| 2:00 PM | IANA Transition – Enhanced Roles and Accountability The IANA transition was successfully completed in October 2016 creating strengthened relationships between the IETF (Internet protocols and standards), Regional Internet Registries RIRs (IP addresses), and ccTLD and gTLD operators and TLD community and ICANN. A new organisation, Public Technical Identifiers (PTI), an affiliate of ICANN, is now responsible for performing the IANA functions and delivering the IANA Services on behalf of ICANN. The session will discuss these new arrangements and how they have enhanced ICANN’s accountability and transparency to the global Internet community. The session will also describe how ICANN is preparing for the Root KSK Rollover. Adam Peake, ICANN Presentation |
| 2:30 PM | DANE: The Future of Transport Layer Security (TLS) If you connect to a “secure” server using TLS/SSL (such as a web server, email server or xmpp server), how do you know you are using the correct certificate? With DNSSEC now being deployed, “DANE” (“DNS-Based Authentication of Named Entities”) has emerged allowing you to securely specify exactly which TLS/SSL certificate an application should use to connect to your site. DANE has great potential to make the Internet much more secure by marrying the strong integrity protection of DNSSEC with the confidentiality of SSL/TLS certificates. In this session, we will explain how DANE works and how you can use it to secure your websites, email, XMPP, VoIP, and other web services. Richard Lamb, ICANN Presentation |
| 3:00 PM | BREAK |
| 3:30 PM | Data Center Tour Guided tour of MITA’s facilities. |
| 4:00 PM | Panel Discussion: IPv6 Success Stories In this session, network operators will share their IPv6 success stories and lessons learned along the way that can help other managers of networks deploy IPv6. How did they do it? What technical, organizational, and political challenges did they face? Panelists will discuss the stages of IPv6 implementation—creating the business case for management buy-in, initiating a planning process, flipping the switch, and, finally, gathering measurements and proving success. Moderator: Clara Scerri Delia, MCA Panelists: Marco d’Itri, Bernard Mallia, Klaus Nieminen, Adam Peake Presentation |
| 5:00 PM | Closing Remarks Megan Kruse, Internet Society Presentation |
DNSSEC Workshop
Tuesday, 19 September 2017
Richard Lamb, Sr. Program Manager DNSSEC at ICANN
For full agenda details, see https://www.co.tt/mtisoc/.
09:00-17:00
- Welcome by ISOC Malta Chapter
- Intro to Lab Environment. Class Network Diagram
- Lab: DNS “dig”
- DNSSEC Protocol Detail and Deployment
- Lab: Sign a zone ( Elliptic )
- Enabling validation on your resolver
- Lab: Manual Key (ZSK) Rollover
- Lab: Manual Key (KSK) Rollover Double, Pre-Pub
- Implementation Considerations and Risk Analysis Goals, Trust, Cost, DPS, KC, emergency procedures…
- A Good Example
- DNSSEC Operational Practices, Version 2 (RFC6781)
- Overview of TLD deployments
- Other rollover mechanisms (RFC5011 (root), RFC8078 (CDS), Algorithm …)
- [If time permits] Lab: KNOT automated signing
