DNSSEC with RSA-4096 keys
We must anticipate changes in computational capacity when choosing an encryption algorithm, but is it relevant to DNSSEC?
Tag: Cryptography
Assessing DNSSEC with EdDSA
Comparing DNSSEC elliptical curve cryptographic algorithms.
What is ‘M of N’ in public/private key signing?
How many pieces of a treasure map need to be shared so one person alone can’t get the treasure?
An Opinion Piece on Internet Security
Opinion: Why has our public key certificate system failed the Internet so badly?
Krill — a new RPKI Certificate Authority
Guest Post: Generate and publish RPKI cryptographic material to authorize BGP announcements, delegate child certificates, and publish cryptographic material.
Destroying the Root DNSSEC Hardware Security Module
Learn how the computers that generate and keep safe the cryptographic material required for signing the DNS root are dealt with when made redundant.
CNNIC’s RPKI deployment experience
Guest Post: After a carefully planned rollout, CNNIC is now offering its RPKI service to its members.
Help protect your resources from misuse – be active in the community
It’s difficult to defend the integrity of your addresses on the Internet if you don’t publicly engage.
DNS OARC 26: When too much DNS is barely enough
DNS over TCP, cryptography, QUIC, ANAME and HyperLogLog – Geoff discusses some of the highlights of DNS OARC 26 held in Madrid.
Update on the Root Zone Key Signing Key Rollover
ICANN recently announced the operational plans to “roll” the Root Zone Key Signing Key, an essential part of DNSSEC.