Revocation of X.509 certificates
‘Revocation is broken’ is a catchphrase in the world of certificates and Certificate Authorities. Certification infrastructure may not have been designed for the Internet of today.
Tag: DANE
Under the hood of DANE mismanagement in SMTP
Guest Post: Self-management of SMTP servers is error-prone.
Notes from IETF 114
ROV measurement, DANE Portal, IPv6 extension headers, congestion control, and more topics of interest from IETF 114.
Adoption of DNS security mechanisms related to ease-of-use, cost
Guest Post: Study shows ease-to-deploy and cost are important factors when it comes to using DNS security mechanisms.
How to detect if your domains are being abused for phishing attacks
Guest Post: There are several freely available standards, policies and protocols that can help any organization decrease the risk of their domains being abused.
An Opinion Piece on Internet Security
Opinion: Why has our public key certificate system failed the Internet so badly?
Better mail security with DANE for SMTP
Guest Post: DNS-based Authentication of Named Entities (DANE) for SMTP provides a more secure method for mail transport.
Whither DANE?
Guest Post: DANE has reached an impasse in web deployment – so where to from here?
DNS-OARC 30: Bad news for DANE
Geoff Huston shares his thoughts from DNS-OARC 30.
Sunrise DNS over TLS, sunset DNSSEC?
Guest Post: DNS over TLS brings reliable delivery of the DNS, which might make DNSSEC and DANE finally happen after all.