Towards an industry best practice for DNSSEC automation
Guest Post: DNSSEC adoption, while steadily rising, is still low after 20 years. Why care about DNSSEC adoption anyway?
Tag: DNSSEC
Three of the best: RPKI
The use of RPKI to secure Internet routing is increasingly standard practice. While there were many significant events in the region throughout 2025, readers maintained an interest in local, regional, and global RPKI stories throughout the year.
Edge cases in DNSSEC validation with multiple algorithms
Guest Post: Investigating transition requirements for PQC DNSSEC.
From OpenDNSSEC to Knot DNS
Guest Post: How to use Knot with HSMs, seamlessly transition from OpenDNSSEC, and switch to in-memory keys.
Signing the root in public: The foundations of trust
Inside the ceremony that safeguards global DNSSEC, and why community oversight still matters.
[Podcast] Downloading the root
Geoff Huston discusses the DNS root zone and how query load at the root could be reduced by using trusted local copies of the zone.
[Podcast] DNS computer says ‘NO’
Geoff Huston discusses novel ways to make saying ‘no’ in DNSSEC cheaper and faster, and explores the standards process around formalizing this choice.
How to convince your boss to deploy DNSSEC and RPKI
An improved strategy to advocate for DNSSEC and RPKI deployment.
Three of the best: Security
Here are APNIC Blog’s top three posts related to security for 2024.
[Podcast] Post-Quantum Cryptography
Geoff Huston discusses Post-Quantum Cryptography in Internet protocols and the DNS in particular.