Periodically, the DNS administrator will have to update keys to ensure continued security. This session explains how to update both the key, and the signing algorithm.
This series of 10 lectures will take you through a full-day class on DNSSEC theory, history, implementation and troubleshooting, using current versions of BIND 9.
1 - Why do we need DNSSEC?
2 - DNSSEC Development & Deployment (history)
3 - Basic Cryptography and DNS background for DNSSEC
4 - Resolution and Validation
5 - Record Types, Keys, Signatures and NSEC
6 - Record Types, Keys, Signatures and NSEC, pt2
7 - Signing with BIND
8 - Key Rollover, Algorithm Rollover
9 - Key maintenance, including the new KASP tool in BIND, Negative trust anchors
10 - Troubleshooting DNSSEC issues
---
Learn more at http://www.isc.org