Tag: DNSSEC

Analyzing the KSK roll

By Geoff Huston on 31 Oct 2018

It’s time to look at the data to see what we can learn from the first roll of the root zone’s KSK.

Measuring the KSK Roll

By Geoff Huston on 28 Sep 2018

APNIC Labs has been assisting with measuring how ready the Internet is for the DNS Root Zone KSK rollover.

Measuring ECDSA in DNSSEC: An Update

By Geoff Huston on 23 Aug 2018

Has the use of elliptical curve cryptographic algorithms in generating digital signatures for securing the DNS improved since 2014?

DNSSEC ‘and’ DNS over TLS

By Geoff Huston on 20 Aug 2018

A trustable DNS demands DNSSEC irrespective of the fate of DNS over TLS.

Sunrise DNS over TLS, sunset DNSSEC?

By Willem Toorop on 17 Aug 2018

Guest Post: DNS over TLS brings reliable delivery of the DNS, which might make DNSSEC and DANE finally happen after all.

Bang for buck: the adoption of DNSSEC and return on investment

By Rene Bakker on 24 Apr 2018

Guest Post: To what extent does price and return on investment play on the adoption of DNSSEC?

How well does ATR actually work?

By Geoff Huston on 16 Apr 2018

Additional Truncated Response (ATR) does not completely fix the issue of large responses but it is worth considering if you want a faster DNS service.

Measuring the Root Zone KSK Trust

By Geoff Huston on 11 Apr 2018

APNIC Labs attempts to validate the proportion of resolvers reporting trust in KSK-2017 ahead of the restart of the Root Zone DNS key roll process.

Impressions from DNS-OARC 28

By Geoff Huston on 16 Mar 2018

Geoff discusses some of the highlights of DNS-OARC 28, held in Puerto Rico earlier this month.

Peak DNSSEC?

By Geoff Huston on 26 Feb 2018

Since 2016, APNIC Labs has observed a drop in global DNSSEC adoption. Have we passed the point of peak use of DNSSEC?