KeyTrap algorithmic complexity attacks exploit fundamental design flaw in DNSSEC
Guest Post: Researchers uncover and investigate ‘the worst attack on DNS ever discovered’.
Tag: DNSSEC
A quantum-safe cryptography DNSSEC testbed
Guest Post: Now is the time to prepare for the future of cryptography.
Notes from DNS OARC 42
DELEG Resource Records, DNS caching resolution failures, DNSSEC upgrades, DNS resilience, and more.
[Podcast] IPv6 fragmentation and the DNS
Discussing the implications of a change to IETF normative language.
DNS at IETF 118
Domain Control Validation, generalized notify, Compact Denial of Existence, and other areas of activity in DNS-related Working Groups.
How we measure: DNSSEC validation
Breaking down how APNIC Labs measures the adoption of DNSSEC validation.
Verisign to update DNSSEC algorithm
Guest Post: Verisign to re-sign .com, .net, and .edu TLDs with new DNSSEC algorithms.
Measuring the use of DNSSEC
How much of the DNS namespace has been signed with DNSSEC?
[Podcast] Adding ZONEMD protections to the root zone
Deploying ZONEMD in the root zone will help increase the security, stability and resiliency of the DNS.
Testing the Multi-Signer DNSSEC model in BIND 9
Guest Post: Testing, and breaking, Multi-Signer models in Bind 9.