DNSSEC validation: Performance killer?
Guest Post: Are computer resources handicapped by DNSSEC validation?
Tag: DNSSEC
[Podcast] DNS spoofing is a non-issue if we all do DNSSEC
DNS spoofing is a growing problem that can be stopped with a range of countermeasures or just DNSSEC.
Notes from IETF 114
ROV measurement, DANE Portal, IPv6 extension headers, congestion control, and more topics of interest from IETF 114.
Notes from DNS-OARC 38
DoQ for authoritative servers, DNS spoofing countermeasures at Google, the cost of DNSSEC validation, and more from DNS-OARC 38.
Addressing the challenges of modern DNS
Guest Post: A comprehensive look at real world deployments and open challenges.
[Podcast] Why a resolverless DNS makes sense
PING E15: Server push, combined with DNSSEC could help make DNS resolvers a thing of the past.
The path to resolverless DNS
Making sense of resolverless name resolution.
DNS topics at IETF 113
Handling resolution failure, truncated responses, stateful hash-based DNSSEC signatures, and more.
DNSSEC algorithms for TLDs (and everyone else)
Guest Post: Has the time come to phase out 1,024-bit RSA from the DNSSEC ecosystem?
Authenticated bootstrapping of DNSSEC delegations
Guest Post: By transferring pre-existing trust from the zone’s DNS operator, a new in-band solution would simplify and secure automation of DNSSEC deployment.