From training at ripe.net Tue Jun 3 13:58:41 2003 From: training at ripe.net (RIPE NCC Training) Date: Tue, 03 Jun 2003 13:58:41 +0200 Subject: [dns-wg] ANNOUNCEMENT DNSSec Training Courses Message-ID: <200306031158.h53BwfWq024500@birch.ripe.net> Dear Colleagues, [apologies for duplicate postings] As a service to its members the RIPE NCC offers the DNSSec Training Course. The main objective of the DNSSec Training Course is to provide LIRs with sufficient background to be able to deploy DNSSec in their own organisation as soon as the protocol is standardised. This course also explains the specific procedures set up by the RIPE NCC to to secure the in-addr.arpa zone. The Domain Name System (DNS) is one of the main parts of the Internet infrastructure. At the moment DNS lacks a mechanism to establish the authenticity and integrity of the data it provides. DNSSec is a set of extensions to provide this end-to-end authenticity and integrity. It is currently being developed within the IETF dnsnext Working Group. The protocol is about to be finalised and the code implementing the protocol is available in alpha releases. The DNSSec course consists of two parts: an "Introduction to DNSSec" and a real life demonstration. The "Introduction to DNSSEC" will cover: - DNS security threats - DNSSec security mechanisms - DNSSec server protection - DNSSec data protection - Delegation issues - Key management issues - Current developments Examples are based on the BIND name server. Please note that DNSSec is an advanced course. It will: - NOT teach the basics of DNS. - NOT describe how to receive Internet resources from the RIPE NCC not describe how to operate a Local Internet Registry (LIR) The target audience of the course are technical staff of LIRs: e.g. network & system operators, engineers, etc. This course is not intended for administrative or management staff (e.g. Hostmasters). It is assumed that all attendees are familiar with common DNS terminology, have a practical knowledge in operating DNS servers and are interested in learning the concepts and mechanisms that DNSSec offers. The DNSSec course is conducted in the English language and is free of charge, since it is covered by the membership fee. More information about the DNSSec Training Course can be found at: http://www.ripe.net/training/dnssec/ REGISTRATION: You can register for a course at the following URL: http://www.ripe.net/cgi-bin/trainingform.pl.cgi Or by completing the registration form at the end of this e-mail and replying to In order to register for a DNSSec Training Course you must be an employee of an LIR and either : - be an LIR contact - be confirmed by an LIR contact. LIR contacts are those employees of an LIR who are registered with the RIPE NCC as authoritative contact persons. It is expected that most of those interested in the DNSSec Training Course will not be an authorative contact persons for their LIR, and therefore will be refused by the course registration "robot". In order to be admitted to the course, a confirmation e-mail must be sent to . Please approach the LIR contacts from your organisation personally, since the identity of LIR contacts is confidential, and the RIPE NCC is unable to divulge contact persons for any given LIR. Kind Regards, The RIPE NCC Training Team COURSE DATES AND VENUES ======================= Date: Friday 4 July 2003 Time: 0900 - 1700 Location: Glasgow,United Kingdom AND: Date: Friday 18 July 2003 Time: 0900 - 1700 Location: Vienna, Austria AND: Date: Monday 18 August 2003 Time: 0900 - 1700 Location: Dubai, United Arab Emirates AND: Date: Friday 19 September 2003 Time: 0930-17:00 Location: Amsterdam, The Netherlands REGISTRATION FORM ================= %START PART 1 - Registration 1) Your name Enter First name, Last name in full e.g. John Doe Mary-Beth Walton # NAME [ ] 2) Your Registry ID (format: country-code.) # REG [ ] 3) Your e-mail address # EMAIL [ ] 4) Your NIC handle (optional) # NICHANDLE [ ] 5) The course you plan to attend (date and location) # COURSE [ ] %END From paf at cisco.com Fri Jun 6 05:10:33 2003 From: paf at cisco.com (=?ISO-8859-1?Q?Patrik_F=E4ltstr=F6m?=) Date: Fri, 6 Jun 2003 05:10:33 +0200 Subject: [dns-wg] Call for items for the agenda, RIPE 46 Message-ID: <700FF486-97CC-11D7-A77C-000A959CF516@cisco.com> I hereby call for items for the agenda for RIPE 46. Patrik, co-chair of DNS-wg, and responsible for next meeting From fstein at gmpexpress.net Mon Jun 16 11:56:35 2003 From: fstein at gmpexpress.net (Fred) Date: Mon, 16 Jun 2003 05:56:35 -0400 Subject: [dns-wg] Fw: Error in Document Ripe-192 (dns example) Message-ID: <000b01c333ed$92f373c0$6501a8c0@MDIL.NET> ----- Original Message ----- From: Fred To: webmaster at ripe.net Sent: Saturday, June 14, 2003 9:18 AM Subject: Error in Document Ripe-192 (dns example) I set up a BIND-8 server per the example file, and found that the following creates errors: company.xy. SOA dns.company.xy. hostmaster.company.xy. ( 1998092900 ; Serial number 86400 ; Refresh 1 day 7200 ; Retry 2 hours 3600000 ; Expire 41.67 days 172800 ) ; Minimum TTL 2 days The closing bracket ")" should appear after the ; Minimum TTL 2 days. This error appears in several places in the document. Please forward this to the authors. -------------- next part -------------- An HTML attachment was scrubbed... URL: From olaf at ripe.net Mon Jun 16 14:58:51 2003 From: olaf at ripe.net (Olaf M. Kolkman) Date: Mon, 16 Jun 2003 14:58:51 +0200 Subject: [dns-wg] Fw: Error in Document Ripe-192 (dns example) In-Reply-To: <000b01c333ed$92f373c0$6501a8c0@MDIL.NET> References: <000b01c333ed$92f373c0$6501a8c0@MDIL.NET> Message-ID: <20030616145851.04b3d157.olaf@ripe.net> > > company.xy. SOA dns.company.xy. hostmaster.company.xy. ( > 1998092900 ; Serial number > 86400 ; Refresh 1 day > 7200 ; Retry 2 hours > 3600000 ; Expire 41.67 days > 172800 ) ; Minimum TTL 2 days > > The closing bracket ")" should appear after the ; Minimum TTL 2 days. > This error appears in several places in the document. This is perfectly valid syntax. Actually putting the closing bracket after the Minimum TTL 2 days would render the zone file inparsable. Some explanation: As you know, the brackets enable you to split a resource record over multiple lines. So everything between the opening and closing brackets should be seen as part of one RR. On the other hand everything after the ";" is treated as comments. So putting the ")" behind the ";" would make it invisable to the parser and the RR would not be ending at the appropriate place. -- Olaf ---------------------------------| Olaf M. Kolkman ---------------------------------| RIPE NCC From Piet.Beertema at cwi.nl Mon Jun 16 15:13:51 2003 From: Piet.Beertema at cwi.nl (Piet Beertema) Date: Mon, 16 Jun 2003 15:13:51 +0200 Subject: [dns-wg] Fw: Error in Document Ripe-192 (dns example) In-Reply-To: <20030616145851.04b3d157.olaf@ripe.net> References: <000b01c333ed$92f373c0$6501a8c0@MDIL.NET> <000b01c333ed$92f373c0$6501a8c0@MDIL.NET> Message-ID: <5.1.0.14.2.20030616150756.00abd5e8@pop.cwi.nl> > > company.xy. SOA dns.company.xy. hostmaster.company.xy. ( > > 1998092900 ; Serial number > > 86400 ; Refresh 1 day > > 7200 ; Retry 2 hours > > 3600000 ; Expire 41.67 days > > 172800 ) ; Minimum TTL 2 days > > > > The closing bracket ")" should appear after the ; Minimum TTL 2 days. > > This error appears in several places in the document. > >This is perfectly valid syntax. > >Actually putting the closing bracket after the Minimum TTL 2 days would >render the zone file inparsable. > >Some explanation: > As you know, the brackets enable you to split a resource record over > multiple lines. So everything between the opening and closing > brackets should be seen as part of one RR. > > On the other hand everything after the ";" is treated as comments. So > putting the ")" behind the ";" would make it invisable to the parser > and the RR would not be ending at the appropriate place. Change it to: company.xy. SOA dns.company.xy. hostmaster.company.xy. ( 1998092900 ; Serial number 86400 ; Refresh 1 day 7200 ; Retry 2 hours 3600000 ; Expire 41.67 days 172800 ; Minimum TTL 2 days ) and it's perfectly valid again, but with the closing bracket not seemingly being part of the MinTTL field. Piet From olaf at ripe.net Mon Jun 16 15:24:46 2003 From: olaf at ripe.net (Olaf M. Kolkman) Date: Mon, 16 Jun 2003 15:24:46 +0200 Subject: [dns-wg] Fw: Error in Document Ripe-192 (dns example) In-Reply-To: <20030616131439.GQ17976@nask.pl> References: <000b01c333ed$92f373c0$6501a8c0@MDIL.NET> <20030616145851.04b3d157.olaf@ripe.net> <20030616131439.GQ17976@nask.pl> Message-ID: <20030616152446.40e3c7a2.olaf@ripe.net> > > i think 'after' in this case means 'in the next line'. agreed.. that is perfectly valid syntax too :-) -- Olaf ---------------------------------| Olaf M. Kolkman ---------------------------------| RIPE NCC From Pawel.Krzesniak at nask.pl Mon Jun 16 15:14:40 2003 From: Pawel.Krzesniak at nask.pl (Pawel Krzesniak) Date: Mon, 16 Jun 2003 15:14:40 +0200 Subject: [dns-wg] Fw: Error in Document Ripe-192 (dns example) In-Reply-To: <20030616145851.04b3d157.olaf@ripe.net> References: <000b01c333ed$92f373c0$6501a8c0@MDIL.NET> <20030616145851.04b3d157.olaf@ripe.net> Message-ID: <20030616131439.GQ17976@nask.pl> * Olaf M. Kolkman [2003-06-16 14:58:51 +0200]: > > company.xy. SOA dns.company.xy. hostmaster.company.xy. ( > > 1998092900 ; Serial number > > 86400 ; Refresh 1 day > > 7200 ; Retry 2 hours > > 3600000 ; Expire 41.67 days > > 172800 ) ; Minimum TTL 2 days > > > > The closing bracket ")" should appear after the ; Minimum TTL 2 days. > > This error appears in several places in the document. > > This is perfectly valid syntax. > > Actually putting the closing bracket after the Minimum TTL 2 days would > render the zone file inparsable. > > Some explanation: > As you know, the brackets enable you to split a resource record over > multiple lines. So everything between the opening and closing > brackets should be seen as part of one RR. > > On the other hand everything after the ";" is treated as comments. So > putting the ")" behind the ";" would make it invisable to the parser and the > RR would not be ending at the appropriate place. i think 'after' in this case means 'in the next line'. regards, -- Pawel