# APRICOT 2021: DNSSEC Tutorial
* **Date:** February 24-25, 14:00 - 16:15 PHST (GMT+8)
* **Location:** Online
* **Host:** [APRICOT](https://www.apricot.net/)
* **Partners:** [PhNOG](https://www.facebook.com/groups/632112196877805), [DICT](https://dict.gov.ph/), [DOST-ASTI](https://asti.dost.gov.ph/)
## Tutorial
* [Detailed Agenda](agenda.html)
* [Tutorial Description and Summary](summary.html)
## Topics covered
- General motivation
- Risks associated with insecure DNS
- What's involved (signing and validation)
- Enabling validation (verification of DNS signatures)
- Signing zones - what needs to be in place
- Strategy for deployment (bump in the wire)
- Operational aspects
- Signing/resigning
- Key rollover
- Key management
- Monitoring signatures
- Deployment considerations
- HW/SW recommendations, including security aspects (HSM)
- Example scenario
- Budgeting
- initial deployment - requirements
- Factoring in additional manpower for managing & monitoring
| ## Workshop ## |
|
