Tag: DNSSEC

Blog home

---

The path to resolverless DNS

By Geoff Huston on 17 May 2022

Making sense of resolverless name resolution.

DNS topics at IETF 113

By Geoff Huston on 28 Mar 2022

Handling resolution failure, truncated responses, stateful hash-based DNSSEC signatures, and more.

DNSSEC algorithms for TLDs (and everyone else)

By Viktor Dukhovni on 24 Mar 2022

Guest Post: Has the time come to phase out 1,024-bit RSA from the DNSSEC ecosystem?

Authenticated bootstrapping of DNSSEC delegations

By Nils Wisiol on 8 Mar 2022

Guest Post: By transferring pre-existing trust from the zone’s DNS operator, a new in-band solution would simplify and secure automation of DNSSEC deployment.

Notes from DNS-OARC 37

By Geoff Huston on 22 Feb 2022

Zone file bug hunting, Adaptive DNSSEC, failure behaviour in the DNS, and more from DNS-OARC 37.

Resurrection of injection attacks

By Philipp Jeitner on 22 Feb 2022

Guest Post: DNS transparency is a gaping hole in Internet security.

Disaster recovery with DNSSEC

By Stefan Ubbink on 14 Feb 2022

Guest Post: How to recover from losing all the keys in your HSMs.

Three of the best: Security

By Dan Fidler on 29 Dec 2021

Here are APNIC Blog’s top three posts related to security for 2021.

Notes from ICANN’s DNS Resolver Symposium

By Geoff Huston on 23 Dec 2021

Resolver evolution, what users want, DNS tunnelling, and more from the recent Resolver Operator Forum.

Event Wrap: DNS-OARC 36

By Bhadrika Magan on 10 Dec 2021

Geoff Huston presented at DNS-OARC 36, held online from 29 to 30 November 2021.

Top