From OpenDNSSEC to Knot DNS
Guest Post: How to use Knot with HSMs, seamlessly transition from OpenDNSSEC, and switch to in-memory keys.
Guest Post: How to use Knot with HSMs, seamlessly transition from OpenDNSSEC, and switch to in-memory keys.
Inside the ceremony that safeguards global DNSSEC, and why community oversight still matters.
Geoff Huston discusses the DNS root zone and how query load at the root could be reduced by using trusted local copies of the zone.
Geoff Huston discusses novel ways to make saying ‘no’ in DNSSEC cheaper and faster, and explores the standards process around formalizing this choice.
An improved strategy to advocate for DNSSEC and RPKI deployment.
Here are APNIC Blog’s top three posts related to security for 2024.
Geoff Huston discusses Post-Quantum Cryptography in Internet protocols and the DNS in particular.
Using Moore’s Law, a computer 20 years into the future is predicted to be around 10,000 times more capable than today’s computation capabilities. Geoff Huston explores some practical implications.
An analysis of CDS and CDNSKEY records looking at mismatches between child and parent, and the nameservers for the zone.
Guest Post: Lessons learned from a study on the interrelation of CAA, CT, and DANE in web PKI deployments.