It is a two-day training, where you get a mixture of theory and hands-on experience. We will be using virtual servers hosted by Amazon, so please bring your own laptops.

  • Time: Day 1: 10:00 – 17:00, Day 2: 09:00 – 16:00

Agenda

  • Brief introduction to DNSSEC and the OpenDNSSEC application
  • Prerequisites for running OpenDNSSEC and description of the lab environment
  • Practical planning of your DNSSEC policies, based on three reference cases
  • SoftHSM installation and initialization
  • Configuration files for ODS, conf.xml , kasp.xml and zonelist.xml
  • Files and folders used by ODS
  • Running OpenDNSSEC
    • - Sign a single zone
    • - List keys
    • - Export public keys
    • - Roll a ZSK, manually and automatically
    • - Roll a KSK
    • - Signing many zones
  • Monitoring the system with the Audit tool
  • System administration
    • - Backups
    • - Key administration
    • - Logging

Preparations:

Previous trainings had an extra full day of theory. This is now included and spread out over the two days. However, we do recommend that you watch the recordings of those sessions: http://www.opendnssec.org/documentation/training/