Activity Details


The Domain Name System (DNS) is a critical part of the Internet. DNS translates names to IP addresses, a process required for majority of Internet functions. To guarantee the availability and security of Internet services, this tutorial explores DNS concepts and security mechanisms, particularly DNS Security Extensions (DNSSEC).

This tutorial examines in detail the mechanisms to authenticate the communication between DNS Servers, establish the authenticity and integrity of DNS data, and delegate trust.

Content Outine:

  • DNS Protocol Vulnerabilities
  • DNS Security Concepts
  • DNS Security Extensions (DNSSEC)
  • Implementing DNSSEC
  • DNSSEC Key Management


  1. DNS Operations - root servers, reverse DNS, caching, primary/secondary nameservers
  2. DNS Security - logging, ACLs, transactions, secure zone transfers
  3. DNSSEC validation – validating resolvers
  4. Implementing DNSSEC - signing, publishing, key rollover
Target AudienceNetwork/Systems Engineers
Activity Co-ordinator(s)Che-Hoo Cheng, APNIC
Expected No. of Participants:30
Seating ArrangementClassroom
Date:Monday 2019-02-18
Time:09:00 - 17:00
Location:Room 103
Trainer(s):Sheryl Hermoso, APNIC, Australia
1.  DNS Operations
2.  DNS Security Concepts
3.  DNSSEC Validation
4.  DNSSEC Signing and Key Management