Measuring ECDSA in DNSSEC: An Update
Has the use of elliptical curve cryptographic algorithms in generating digital signatures for securing the DNS improved since 2014?
Tag: DNSSEC
DNSSEC ‘and’ DNS over TLS
A trustable DNS demands DNSSEC irrespective of the fate of DNS over TLS.
Sunrise DNS over TLS, sunset DNSSEC?
Guest Post: DNS over TLS brings reliable delivery of the DNS, which might make DNSSEC and DANE finally happen after all.
Bang for buck: the adoption of DNSSEC and return on investment
Guest Post: To what extent does price and return on investment play on the adoption of DNSSEC?
How well does ATR actually work?
Additional Truncated Response (ATR) does not completely fix the issue of large responses but it is worth considering if you want a faster DNS service.
Measuring the Root Zone KSK Trust
APNIC Labs attempts to validate the proportion of resolvers reporting trust in KSK-2017 ahead of the restart of the Root Zone DNS key roll process.
Impressions from DNS-OARC 28
Geoff discusses some of the highlights of DNS-OARC 28, held in Puerto Rico earlier this month.
Peak DNSSEC?
Since 2016, APNIC Labs has observed a drop in global DNSSEC adoption. Have we passed the point of peak use of DNSSEC?
Bringing DNS security and privacy to the end user
Guest Post: Authentication and encryption should start at the edge of the network, with the end user.
Aggressive NSEC caching in BIND 9.12
Guest Post: Implementation of aggressive NSEC caching in BIND 9.12 should reduce the amount of traffic sent to root servers.