Improving the resiliency of RPKI Relying Party software
Guest Post: Is it possible to disrupt RPKI Relying Party software by introducing a malicious CA/repository into the tree?
Category:
Tech matters
Efficient multipath transport with QUIC in large-scale video services
Guest Post: Alibaba shares their experience developing XLINK, a multipath extension for QUIC.
Notes from DNS-OARC 36
Slack’s DNSSEC debacle, NSEC problems, Measuring DNSSEC, and more from DNS-OARC 36.
ICARUS: Beware of flying satellites
Guest Post: How resilient are LEO satellite networks to DDoS attacks?
NPM, encryption, and the challenges ahead: Part 2
Guest Post: Encryption forced NPM vendors to evolve. Part 2 of this series discusses NPM’s evolution, including synthetic testing as one recent advancement.
Notes from RIPE 83
Geoff Huston discusses technical presentations from RIPE 83.
Working latency — the next QoE frontier
Guest Post: Comcast shares its work into reducing latency through Active Queue Management.
Help develop the DNS Data Dictionary
Guest Post: The DNS Data Dictionary seeks to map what is in existing relevant protocols and prevent divergence in new protocols.
ARP problems in EVPN
Guest Post: Why you should always set ARP timeout to less than five minutes in L3 EVPN and beware potential ARP suppression issues in L2 EVPN.
Modern OSes are prone to side-channel-based DNS cache poisoning attacks
Guest Post: Researchers show how SAD DNS attacks allow an off-path attacker to inject malicious DNS records into a DNS cache.