From owner-dns-security Mon Jan 4 12:11:48 1999 Received: by portal.ex.tis.com (8.9.1/8.9.1) id MAA21233 for dns-security-outgoing; Mon, 4 Jan 1999 12:08:54 -0500 (EST) Message-Id: X-Sender: balenson@pop.hq.tis.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0 Date: Mon, 04 Jan 1999 12:26:27 -0500 To: dns-security@tis.com From: "David M. Balenson" Subject: REMINDER: Jan 6th Early Bird Deadline for NDSS '99 Cc: balenson@tis.com Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=====================_915488787==_" Sender: owner-dns-security@ex.tis.com Precedence: bulk --=====================_915488787==_ Content-Type: text/plain; charset="us-ascii" --=====================_915488787==_ Content-Type: text/plain; charset="us-ascii" S A V E $ 7 0 O F F R E G I S T R A T I O N F E E ! ! R E G I S T E R B Y J A N U A R Y 6 , 1 9 9 9 THE INTERNET SOCIETY'S 1999 NETWORK AND DISTRIBUTED SYSTEM SECURITY (NDSS) SYMPOSIUM February 3-5, 1999 Catamaran Resort Hotel San Diego, California General Chair: Steve Welke, Trusted Computer Solutions Program Chairs: Steve Kent, BBN Technologies Gene Tsudik, USC/Information Sciences Institute ONLINE INFORMATION AND REGISTRATION: http://www.isoc.org/ndss99 KEYNOTE SPEAKER: Whitfield Diffie, Sun Microsystems. Co-author of "Privacy on the Line: The Politics of Wiretapping and Encryption." THIS YEAR'S TOPICS INCLUDE: - Secure Password-Based Protocol for Downloading a Private Key - A Real-World Analysis of Kerberos Password Security - Secure Remote Access to an Internal Web Server - Security and the User - Experimenting with Shared Generation of RSA Keys - Addressing the Problem of Undetected Signature Key Compromise - Practical Approach to Anonymity in Large Scale Electronic Voting Schemes - Securing the Internet's Exterior Routing Infrastructure - Distributed Policy Management for Java 1.2 - Distributed Execution with Remote Audit - An Algebra for Assessing Trust in Certification Chains - A Network Security Research Agenda - PGRIP: PNNI Global Routing Infrastructure Protection - A Cryptographic Countermeasure Against Connection Depletion Attacks - IPSec: Friend or Foe? EXPANDED PRE-CONFERENCE TECHNICAL TUTORIALS: - Principles of Network Security (Dr. Stephen T. Kent, BBN Technologies) - Optical Network Security (Jeff Ingle and Dr. Eric Harder, NSA) - Electronic Payment Systems (Dr. B. Clifford Neuman, USC/ISI) - Windows NT Security (Dominique Brezinski, Secure Computing Corp.) - Web Security and Beyond (Dr. B. Clifford Neuman, USC/ISI) - JAVA Security (Dr. Gary McGraw, Reliable Software Technologies) Full details and biographies at http://www.isoc.org/ndss99/technical.shtml --=====================_915488787==_ Content-Type: text/plain; charset="us-ascii" ---------------------------------------------------------------------- David M. Balenson, Publicity Chair, NDSS '99 TIS Labs at Network Associates, Inc. 3060 Washington Road, Suite 100, Glenwood, MD 21738 USA balenson@tis.com; 443-259-2358; fax 301-854-4731 --=====================_915488787==_-- From owner-dns-security Fri Jan 22 14:04:34 1999 Received: by portal.ex.tis.com (8.9.1/8.9.1) id NAA24337 for dns-security-outgoing; Fri, 22 Jan 1999 13:58:31 -0500 (EST) Message-Id: <199901221830.NAA26592@ietf.org> To: IETF-Announce:; Cc: RFC Editor Cc: Internet Architecture Board Cc: dns-security@tis.com From: The IESG Subject: Protocol Action: Domain Name System Security Extensions to Proposed Standard Date: Fri, 22 Jan 1999 13:30:14 -0500 Sender: owner-dns-security@ex.tis.com Precedence: bulk The IESG has approved publication of the following Internet-Drafts as Proposed Standards: o Domain Name System Security Extensions o DSA KEYs and SIGs in the Domain Name System o RSA/MD5 KEYs and SIGs in the Domain Name System (DNS) o Storing Certificates in the Domain Name System (DNS) o Storage of Diffie-Hellman Keys in the Domain Name System (DNS) The IESG also approved publication of the following as Experimental: o Detached Domain Name System (DNS) Information and the publication of DNS Operational Security Considerations as Informational. These documents are the product of the Domain Name System Security Working Group. The IESG contact persons are Jeffrey Schiller and Marcus Leech. Technical Summary These documents define mechanisms that provide data security for the DNS infrastructure. They define a system for establishing a loose trust hierarchy using public-key technologies. New RR types are defined, most notably "KEY" and "SIG" RR types to provide for digital signatures over collections of RRs protected by the "SIG". A happy side effect is that this system allows the secure publication of public-keys, much like the X.509/X.500 scheme. Working Group Summary The working group chair reports that rough consensus exists for these documents. An issue of potential patent problems from Cylink was raised during IETF last-call, but the issue was found to be without merit--DNS defines only a storage mechanism for Diffie-Hellman keys; a compliant implementation need only store DH keys, not engage in any DH protocol. Protocol Quality These documents have been reviewed by Marcus Leech for the IESG. One implementation exists, with another under development.