[Podcast] DNS spoofing is a non-issue if we all do DNSSEC
DNS spoofing is a growing problem that can be stopped with a range of countermeasures or just DNSSEC.
Tag: DNS
The HTTPS record passes a key milestone
Guest Post: Recently approved HTTPS and SVCB record types aim to change a long-standing paradigm.
Notes from IETF 114
ROV measurement, DANE Portal, IPv6 extension headers, congestion control, and more topics of interest from IETF 114.
Notes from DNS-OARC 38
DoQ for authoritative servers, DNS spoofing countermeasures at Google, the cost of DNSSEC validation, and more from DNS-OARC 38.
Measuring the practical effect of DNS root server instances: A China-wide case study
Guest Post: Many local root queries in China are turning to instances beyond the international gateway, despite there being 16 closer domestic instances.
Addressing the challenges of modern DNS
Guest Post: A comprehensive look at real world deployments and open challenges.
Industry, popularity effect if customers leave cloud providers following a DDoS attack outage
Guest Post: More popular websites are more likely to make changes to their name server records following a DDoS attack on their cloud provider.
Journeying into XDP: XDPerimenting with DNS telemetry
Guest Post: Learn how to plot graphs of DNS metrics without altering the DNS packets or touching the DNS software itself.
Unpacking zero-knowledge middleboxes
Guest Post: Zero-knowledge middleboxes let users encrypt their traffic while still enabling operators to enforce policies.
Unpacking RFC 9199: Considerations for large authoritative server operators
Guest Post: RFC 9199 presents considerations to improve the security, resilience, and performance for large authoritative DNS server operators.