A session discussing Cryptography

(c) Can Stock Photo / ibreakstock


ICANN and ISOC Norway will hold a session discussing Cryptography. Experts in applied cryptography will discuss current practices, including key management and quantum key cryptography, and generally talk about the state of cryptography in ICT in 2023.

  • Date: September 26 2023
  • Time: 17:00-20:00
  • Venue: Rebel, Universitetsgata 2, 0164 Oslo

The meeting will be open for all.

Recording from the event: https://livestream.com/internetsociety/discussingcryptography


  • Quantum-readiness and high function crypto. Arne Tobias Malkenes Ødegaard, Norwegian National Security Authority (NSM)
  • Automated key rollovers in the DNS. Lars-Johan Liman, Netnod
  • Real-world crypto mistakes. Tor Erling Bjørstad, Mnemonic
  • A Brief Primer on Managing the Keys to the Internet. David Huberman, ICANN

Quantum-readiness and high function crypto – Arne Tobias Malkenes Ødegaard

Quantum computers are becoming increasingly powerful, and in a number of years they will be powerful enough to break a lot of the cryptography we use today. In this talk I will mention what both the cryptographic community at large and we at NSM are doing to help society get ready for a future where powerful quantum computers are ubiquitous. In addition, I will talk a bit about a new research project at NSM which tries to find applications of advanced cryptographic tools to improve security and privacy in new settings.

Automated key rollovers in the DNS – Lars Johan Liman, Netnod

The distribution of crypto keys is the Achilles heel of all crypto systems, and replacing old keys with new ones is cumbersome and errorprone. Within the domain name system new methods have been developed to automate key rollovers using new records types and zone scanning.

Real-world crypto mistakes – Tor Erling Bjørstad, Mnemonic

Building secure systems is hard. Despite having strong crypto primitives available, the devil is very much present in the details. In this talk, we will take a closer look at some common ways that cryptography fails. I will be using examples from my experience as a security auditor and penetration tester, and also share some thoughts on how to avoid these pitfalls.

A Brief Primer on Managing the Keys to the Internet – David Huberman, ICANN

If you hear about the “keys to the Internet,” the topic usually relates to a very specific thing — a digital key, cryptographically signed, that is used to verify the security of the DNS. This talk will explore these keys are, how they are managed, and how they are kept secure.


  • Tor Erling Bjørstad has been working in security and privacy for more than 15 years. He has been at mnemonic as a consultant since 2013. Tor holds a Ph.d. in cryptography from the University of Bergen.
  • David Huberman has been in the internet engineering industry since 1999. Prior to joining ICANN, he was at companies such as Microsoft, Global Crossing, Oracle, and Telocity. He also spent 10 years at ARIN. David graduated from Indiana University in 1996 with a bachelors of arts degree for a double major (telecommunications and geography). He lives with his family in Ashburn, Virginia, USA.
  • Lars-Johan Liman, M.Sc., is technical and policy lead for the DNS root name service provided by Netnod – a role that he has held for almost 30 years. He has held a variety of positions in the DNS instry, ranging from the (then) committee for domain name rules for .SE, via working group chairfor the DNSOP WG in the IETF, to chair for the Root Server System Advisory Committee in ICANN, and the ICANN Customer Standing Committee. Liman has served in numerous committees in ICANN and other places, and is a well-known DNS nerd in the IETF, ICANN, and RIPE communities. Inaddition he has also taught countless courses on all aspects of the DNS.
  • Arne Tobias Ødegaard is working as a researcher at the Norwegian National Security Authority (NSM). He graduated from the University of Bergen with a PhD in cryptography in 2022.

Can Open Source communities survive the coming EU laws?

Join ISOC Norway for a fireside chat with Simon Phipps (Director of EU Policy at OSI) where we explore the upcoming cyber security regulations from EU, and discuss possible consequences and remedies for businesses and the Open Source communities they depend on.

This conversation will be between…

  • Simon Phipps (Director of EU Policy at OSI)
  • Kaspar R. Ludvigsen (Lawyer, CRA contributor and PhD candidate)
  • Hans-Petter Fjeld (Senior Security Analyst, Defendable)
  • Salve J. Nilsen (Open Source Community organizer and Event host)

Watch the recording here.

Evening workshop: ICANN and current challenges on the internet

The Internet Corporation for Assigned Names and Numbers (ICANN.org), ISOC Norway, Norsk Forening for Jus og EDB (nfje.no) and iQ Global (iq.global) invites to an evening workshop on 2. March 2023

Venue: REBEL, Universitetsgata 2, 0164 Oslo
Time: 16:00-21:00.

Social gathering from 18:30 at REBEL.


Introduction to ICANN

Speaker: Christopher Mondini

Chris Mondini is Vice President, Stakeholder Engagement, Europe and Managing Director for Europe, stationed in the Brussels, Belgium office. In his role, Mondini oversees ICANN org’s operations in the region and leads ICANN org’s Global Business Engagement initiatives worldwide.

Cybersecurity and the EUs NIS2 Directive


Moderator: Professor Tobias Mahler, Norwegian Research Center for Computers and Law, University of Oslo

DNS Abuse

We will showcase and discuss different approaches for handling suspicious behavior on the internet, covering both the global and local perspectives.

Moderator: Sebastian Felix Schwemer, Associate Professor/Head of Centre for Information and Innovation Law (CIIR), UCPH


ICANN’s mission is to help ensure a stable, secure, and unified global Internet. To reach another person on the Internet, you need to type an address – a name or a number – into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world.

ICANN was formed in 1998 as a nonprofit public benefit corporation with a community of participants from all over the world.


The Norwegian Association for Law & IT was founded on 15 August 1980. The association is a multidisciplinary forum where members can exchange views, experiences, information and knowledge about law and information technology in the broadest sense.


iQ is a SaaS software and consulting service provider for the domain name industry. Comprised of a team of industry veterans, iQ provides anti-abuse services to leading Registries, Registrars and SaaS providers.

Their flagship product, iQ Abuse Manager, monitors over 200 million domain names per day for malicious activities.”


Norid runs the registry for the Norwegian country code top-level domains .no (Norway), .sj (Svalbard and Jan Mayen) and .bv (Bouvetøya), and assigns, administers and registers domain names within these top-level domains. Only the .no domain is open for registrations, and currently has roughly 845 000 domain names. In addition to the registry service, Norid manages the domain name service for the top-level domains.

EURALO Newletter

Within ICANN, the At-Large Community acts on the interests of Internet users. There are 250 At-Large Structures (ALSes) and 120 Individual Members around the world, and their numbers continue to grow. Whether it is an Internet-related consumer rights group, an academic organization, or a public-minded individual, we share a passion for furthering the development of ICTs and contributing to policies that influence the technical coordination of the Domain Name System. We work to ensure that the Internet continues to serve the global public interest.

EURALO serves the At-Large in Europe

The arcieve of EURALO newsletter can be found here.

Hvordan verne Internett fra å bli til Splinternett

The Internet Society (ISOC) jobber for at Internett forblir en åpen, globalt tilgjengelig, sikker og tillitsverdig ressurs for alle. Vi i The Internet Society Norway Chapter (ISOC Norge) har som mål at dette også gjelder for oss i Norge, og i dag er vi bekymret for at nye tendenser for å redusere Internettets åpenhet også får grobunn i Norge.

Med bakgrunn i Russlands invasjon av Ukraina har myndigheter, næringsliv og organisasjoner foreslått sanksjoner som kan permanent skade Internettet slik vi kjenner det. USA, EU og G7 forpliktet seg nylig til å sikre at bedrifter som tilbyr tilgang til Internett i Russland kan fortsette med dette. Forpliktelsen er et kritisk steg i retning av å verne om åpenheten, tilgangen, sikkerheten og tilliten til Internett. Dessverre er det flere krefter som ikke deler dette synspunktet.

ISOC Norge ser med bekymring at flere land vurderer sanksjoner og virkemidler som uforvarende vil påvirke Internettets infrastruktur. Samtidig, så ser vi noen land gå så langt at de ønsker å koble seg fra Internettet. Dette er faktorer og forhold som risikerer å lede til et “Splinternett”.

Et “Splinternett[1] er det man får når det åpne og globale Internettet splittes ned til en samling av fragmenterte nettverk som hver kontrolleres av stater og bedrifter. Et Splinternett er det motsatte av et globalt Internett. Dette vil knuse et samarbeide som har pågått i flere tiår for å bygge kommunikasjonskanaler på tvers av grenser, kulturer og geografi, og erstatte dette med en serie isolerte nettverk som ikke lenger samhandler. Disse nettene kan bruke de samme navnene og protokollene som det globale internettet, men stater og bedrifter vil operere som portvoktere som setter føringer for hva man kan gjøre, se og ha tilgang til på disse nettene.

Vi har alle et ansvar for å verne om Internett. Å beskytte et åpent, globalt tilknyttet, sikkert og tillitsverdig Internett, betyr at man verner om:

  • Uhindret tilgang til et fungerende marked for tilgang på Internett infrastruktur.
  • Tilgang til den fulle bredden av informasjons- og nyhetskilder.
  • Lover og regler som sikrer rettighetene til fri ytring, samling, publisering, diskurs og tilgang på kunnskap på Internett.
  • Rettigheten og muligheten til å drive handel på en sikker og tillitsverdig måte.
  • Tilgangen på fremtidig kompetanse som kan ta vare på og videreutvikle Internett-tjenester og infrastruktur, samt institusjonene som muliggjør dette.

Med dette i tankene, så oppfordrer vi at vi i Norge:

  • Aktivt jobber for at nasjonale og internasjonale regler, sanksjoner og regimer ikke hindrer operasjonen av og tilgangen til telekommunikasjonstjenester som sikrer tilgang til Internett.
  • Oppfordrer næringsliv og organisasjoner som støtter eller tilbyr Internett infrastruktur å unngå beslutninger om å forlate land på grunn av politiske årsaker.
  • Gjennomføre Internett konsekvensvurderinger[2] for å forsikre oss om at politikk, lover og regler ikke hindrer et åpent, globalt tilknyttet, sikkert og tillitsverdig internett. 

Ved spørsmål, ikke nøl med å ta kontakt.

ISOC Norge <post@isoc.no>
Twitter: @ISOCNorway