What’s going on with certificate revocation?
Does X.509 certificate revocation work as intended, or even work at all?
Search blog
Results for "IETF 100"
Authenticated bootstrapping of DNSSEC delegations
Guest Post: By transferring pre-existing trust from the zone’s DNS operator, a new in-band solution would simplify and secure automation of DNSSEC deployment.
Resurrection of injection attacks
Guest Post: DNS transparency is a gaping hole in Internet security.
Defeating IPv6 prefix rotation privacy
Guest Post: Study finds millions of IPv6 CPE routers continue to use privacy and security vulnerable EUI-64 GUAs.
DNS vulnerability, configuration errors can cause DDoS
Guest Post: An overlooked DNS vulnerability that, when combined with a configuration error, is leading to massive DNS traffic surges.
A banana for scale: Why people don’t understand big numbers
How can we contextualize the large numbers used in IPv6 address models?
Improving the resiliency of RPKI Relying Party software
Guest Post: Is it possible to disrupt RPKI Relying Party software by introducing a malicious CA/repository into the tree?
Efficient multipath transport with QUIC in large-scale video services
Guest Post: Alibaba shares their experience developing XLINK, a multipath extension for QUIC.
Notes from DNS-OARC 36
Slack’s DNSSEC debacle, NSEC problems, Measuring DNSSEC, and more from DNS-OARC 36.
Notes from RIPE 83
Geoff Huston discusses technical presentations from RIPE 83.