Can the DNS support encryption without enabling centralization?
Guest Post: Study shows clients can distribute DNS queries across a set of popular recursive resolvers without performance degradation.
Tag: DNS
DNS security and key ceremonies
Guest Post: What happens at a Root KSK ceremony? What’s at stake, and what could go wrong?
Who emailed who? Institutional privacy risks in the DNS
Guest Post: Institutions that run their own recursive resolvers and route from their own AS are most susceptible to privacy risks.
DoHoT: better security, privacy, and integrity via load-balanced DNS over HTTPS over Tor
Guest Post: Looking for a way to improve privacy and security of your DNS? Run it through Tor.
Observing DNSSEC key life cycles
Guest Post: A new visualization project is shedding light on how regularly DNSSEC are keys being updated.
Another DNS OARC meeting
Geoff shares his thoughts on what was being discussed the recent OARConline 35a.
The prevalence of DNS over HTTPS
Guest Post: DoH resolver lists are not comprehensive, which makes it difficult for network administrators to entirely block DoH connections.
New Machine Learning applications that boost Internet security
Guest Post: New research aims to apply Machine Learning to Internet and DNS security, responsibly.
TLS with DANE
RFC 9102: Trust versus credulity.
Multi-Signer DNSSEC models
Guest Post: Alternative models to zone transfer that can support DNSSEC’s non-standardized features.