Integrating DANE with DNS and certificate portals

DANE is a technology that builds on DNSSEC to help mitigate attacks against Certification Authorities (like the TERENA Certificate Service). In this presentation we show how SURFnet integrated its DNS and Certificate Service portals with support for DANE in a proof-of-concept implementation, what problems were found that remain to be solved, and we discuss our ideas on how to solve those.


Part of session

Network Centric Services

Related documents