Operational Considerations of Authoritative DNS over TLS (ADoT)

Karl Henderson
Sr. Researcher
Verisign Labs

12:00 noon–1pm
Friday, December 6, 2019
ITE 227


DNS over TLS (DoT) has been gaining attention, primarily as a means of communication between stub resolver and recursive resolver. There have also been discussions and experiments involving the use of DoT to communicate with authoritative nameservers (Authoritative DNS over TLS or “ADoT”), including communication between recursive and authoritative resolvers with a focus on the lower levels of the DNS hierarchy.

In this presentation, we will discuss operational concerns that need to be addressed prior to ADoT’s deployment at scale by DNS operators in order to maintain the stability and resilience of the global DNS. This presentation will also discuss suggested next steps to advance the operator community’s understanding of ADoT’s operational impact.

About the Speaker:

Karl Henderson, Sr. Researcher, Verisign Labs, is responsible for the DNS protocol evolution with a focus on DNS privacy research. Karl has more than 30 years of technology experience in development, operations, management, and research. Prior to employment at Verisign, Karl held management and engineering positions with Nortel (BNR), Ericsson, Motorola, DSC, and MCI. Karl is the author of 14 granted US patents. He earned a Bachelor of Science in Computer Science at the University of North Texas, Denton, TX.

Email: khenderson@verisign.com


Alan T. Sherman: sherman@umbc.edu

Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681.