DNSSEC Exposed - Deploying DNSSEC in Real Life

Alan Clegg (Internet Systems Consortium)
Location: D135
Tags: security, dns
Average rating: ****.
(4.50, 4 ratings)

The DNS Security protocols – codenamed DNSSEC – were more than a decade in the making, and have been tested and re-tested and studied and documented. They work. They do the job. They make DNS secure. Their use for critical government and enterprise infrastructure has been a good idea for several years now. For many government agencies, DNSSEC deployment has become a mandate.

Alas, DNSSEC isn’t being used as much as it should, because it scares people. The problem is that DNSSEC seems to be very complicated and the documentation sometimes feels like it should be part of the Tax Code.

ISC is one of the leading experts on the deployment and use of DNSSEC. We can teach you how to use it without novocaine. To use DNSSEC, you need to digitally sign your DNS data (your “zone”), and then provide a means by which a suspicious client computer can verify the signature. We’ll walk you through setting this up and turning it on.

Photo of Alan Clegg

Alan Clegg

Internet Systems Consortium

Alan Clegg has over 20 years providing support and management of Internet facing systems. As a Dale Carnegie trained public speaker, Alan has provided tailored learning experiences to corporations (Banc One, Jefferson Pilot Communications), at conventions and meetings (BSDcon, InfraGard, HTCIA), and as part of his job with Berkeley Software Design.

During the NSF funded rollout of Internet access to higher education, Alan assisted in the deployment of “high speed” (56k!) network access to all 2 and 4 year degree granting, publicly funded colleges and universities in North Carolina. Later, as a member of the technical staff of Berkeley Software Design, he provided training and support for the BSD/OS and FreeBSD operating systems. More recently, Alan was a member of the senior engineering team at Hosted Solutions, a data center solutions provider with multiple data centers in North Carolina and Massachusetts.

Since joining the Internet Systems Consortium staff in 2007, Alan has been creating and providing workshops and training for ISC customers and users. The training includes a 5-day DNS and BIND class, a 3-day DNSSEC workshop and a 2-day ISC DHCP course. These classes and workshops have been delivered across the globe to private corporations, such as Telstra, Cloudshield and Neustar and publicly to a vast array of system administrators and network operators.

Serving as a volunteer firefighter for over 21 years, Alan became an American Red Cross Disaster Services volunteer following hurricane Katrina. He is also a trainer for the FEMA Community Emergency Response Team, specializing in CERT response to acts of terrorism.

  • Intel
  • Microsoft
  • Google
  • Facebook
  • Rackspace Hosting
  • (mt) Media Temple, Inc.
  • ActiveState
  • CommonPlaces
  • DB Relay
  • FireHost
  • GoDaddy
  • HP
  • HTSQL by Prometheus Research
  • Impetus Technologies Inc.
  • Infobright, Inc
  • JasperSoft
  • Kaltura
  • Marvell
  • Mashery
  • NorthScale, Inc.
  • Open Invention Network
  • OpSource
  • Oracle
  • Parallels
  • PayPal
  • Percona
  • Qualcomm Innovation Center, Inc.
  • Rhomobile
  • Schooner Information Technology
  • Silicon Mechanics
  • SourceGear
  • Symbian
  • VoltDB
  • WSO2
  • Linux Pro Magazine

Sponsorship Opportunities

For information on exhibition and sponsorship opportunities at the conference, contact Sharon Cordesse at scordesse@oreilly.com

Download the OSCON Sponsor/Exhibitor Prospectus

Media Partner Opportunities

Download the Media & Promotional Partner Brochure (PDF) for information on trade opportunities with O'Reilly conferences or contact mediapartners@ oreilly.com

Press and Media

For media-related inquiries, contact Maureen Jennings at maureen@oreilly.com

OSCON Newsletter

To stay abreast of conference news and to receive email notification when registration opens, please sign up for the OSCON Newsletter (login required)

OSCON 2.0 Ideas

Have an idea for OSCON to share? oscon-idea@oreilly.com

Contact Us

View a complete list of OSCON contacts