[Podcast] Testing RSSAC 028 DNS root server name choices
A measurement study of how the DNS bootstrap priming query behaves when the root servers are renamed and DNSSEC signatures are added.
A measurement study of how the DNS bootstrap priming query behaves when the root servers are renamed and DNSSEC signatures are added.
Guest Post: How Bangladesh’s .BD ccTLD moved from no DNSSEC coverage to a fully validated chain of trust across its most critical SLDs, overcoming tooling gaps, operational failures, and infrastructure challenges along the way.
The use of encrypted DNS transports for communication between recursive resolvers and authoritative services in the DNS was an important topic of discussion OARC 46 in Edinburgh.
Have DNSSEC-validating recursive resolvers updated their Trust Anchor sets to include KSK-2024, and how can we measure whether this transition has been successfully adopted?
‘Revocation is broken’ is a catchphrase in the world of certificates and Certificate Authorities. Certification infrastructure may not have been designed for the Internet of today.
NIST’s updated DNS deployment guide treats DNS as a core security control, offering practical guidance on protective DNS, encryption, DNSSEC, and both authoritative and recursive operations to help operators strengthen resilience, visibility, and policy enforcement.
A review of Michael Richardson’s IRTF draft, a taxonomy of operational security considerations for manufacturer installed keys and trust anchors.
Guest Post: DNSSEC adoption, while steadily rising, is still low after 20 years. Why care about DNSSEC adoption anyway?
The use of RPKI to secure Internet routing is increasingly standard practice. While there were many significant events in the region throughout 2025, readers maintained an interest in local, regional, and global RPKI stories throughout the year.
Guest Post: Investigating transition requirements for PQC DNSSEC.