Call for Participation -- ICANN DNSSEC Workshop at ICANN 56 
in Helsinki, Finland

The DNSSEC Deployment Initiative and the Internet Society Deploy360
Programme, in cooperation with the ICANN Security and Stability
Advisory Committee (SSAC), are planning a DNSSEC Workshop at the ICANN
56 meeting on 27 June 2016 in Helsinki, Finland.  The DNSSEC Workshop
has been a part of ICANN meetings for several years and has provided a
forum for both experienced and new people to meet, present and discuss
current and future DNSSEC deployments.  For reference, the most recent
session was held at the ICANN meeting in Marrakech, Morocco on 09
March 2016. The presentations and transcripts are available at:
https://meetings.icann.org/en/marrakech55/schedule/wed-dnssec .

Examples of the types of topics we are seeking include:

1. DNSSEC Deployment Challenges

The program committee is seeking input from those that are interested
in implementation of DNSSEC but have general or particular concerns
with DNSSEC.  In particular, we are seeking input from individuals
that would be willing to participate in a panel that would discuss
questions of the nature:

 - What are your most significant concerns with DNSSEC, e.g.,
    implementation, operation or something else?

 -  What do you expect DNSSEC to do for you and what doesn't it do?

 - What do you see as the most important trade-offs with respect to
    doing or not doing DNSSEC?

We are interested in presentations related to any aspect of DNSSEC
such as zone signing, DNS response validation, applications use of
DNSSEC, registry/registrar DNSSEC activities, etc.

2.  DNSSEC by Default

As more and more applications and systems are available with DNSSEC
enabled by default, the vast majority of today's applications support
DNSSEC but are not DNSSEC enabled by default.  Are we ready to enable
DNSSEC by default in all applications and services. We are interested
in presentations by implementors on the reasoning that led to enable
DNSSEC by default in their product or service.  We are also interested
in understanding those that elected not to enable DNSSEC by default
and why, and what their plans are.

3. DNSSEC Encryption Algorithms

How do we make DNSSEC even more secure through the use of elliptic
curve cryptography? What are the advantages of algorithms based on
elliptic curves? And what steps need to happen to make this a reality?
What challenges lie in the way?  Over the past few months there have
been discussions within the DNSSEC community about how we start down
the path toward adding support for new cryptographic algorithms such
as Ed25519 and Ed448. At ICANN 55 in Marrakech we had a panel session
that explored why elliptic curve cryptography was interesting and some
high level views on what needs to happen.  At ICANN 56 we are
interested in presentations that dive into greater detail about what
needs to be done and how we start the process. More background
information can be found in this document:
https://datatracker.ietf.org/doc/draft-york-dnsop-deploying-dnssec-crypto-algs/

In addition, we welcome suggestions for additional topics.

If you are interested in participating, please send a brief (1-2
sentence) description of your proposed presentation to
dnssec-helsinki@isoc.org by **Wednesday, 18 May 2016**

We hope that you can join us.

Thank you,
Julie Hedlund

On behalf of the DNSSEC Workshop Program Committee:

Mark Elkins, DNS/ZACR
Cath Goulding, Nominet UK
Jean Robert Hountomey, AfricaCERT
Jacques Latour, .CA
Xiaodong Lee, CNNIC
Luciano Minuchin, NIC.AR
Russ Mundy, Parsons
Ondřej Surý, CZ.NIC
Yoshiro Yoneya, JPRS
Dan York, Internet Society