Rolling the root key
Have DNSSEC-validating recursive resolvers updated their Trust Anchor sets to include KSK-2024, and how can we measure whether this transition has been successfully adopted?
Tag: Cryptography
Revocation of X.509 certificates
‘Revocation is broken’ is a catchphrase in the world of certificates and Certificate Authorities. Certification infrastructure may not have been designed for the Internet of today.
How to talk about the trust in your devices: An IRTF draft
A review of Michael Richardson’s IRTF draft, a taxonomy of operational security considerations for manufacturer installed keys and trust anchors.
A load of old…
Is quantum computing and post-quantum cryptography really that big of a deal?
Post-Quantum Cryptography
Using Moore’s Law, a computer 20 years into the future is predicted to be around 10,000 times more capable than today’s computation capabilities. Geoff Huston explores some practical implications.
[Podcast] The SIDN Labs post-quantum DNSSEC testbed
Caspar and Ralph from SIDN Labs discuss their DNSSEC testbed for Post Quantum Cryptography.
A quantum-safe cryptography DNSSEC testbed
Guest Post: Now is the time to prepare for the future of cryptography.
Ten years after: What’s changed since Snowden?
IETF draft shares four different personal observations, reflections, and insights made since the leak.
How organizations can prepare for post-quantum cryptography
Guest Post: Steps organizations can take to prepare for post-quantum cryptography.
DNSSEC with RSA-4096 keys
We must anticipate changes in computational capacity when choosing an encryption algorithm, but is it relevant to DNSSEC?