Notes from NDSS DNS Privacy Workshop 2021
ODOH, protocol design tradeoffs and more.
Tag: DNSSEC
Putting DNSSEC signers to the test: Knot vs Bind
APNIC had to migrate to a new DNSSEC signer, so we put our two favourite options to the test. Game on!
Notes from NANOG 81
Presentations on router history and routing security caught Geoff’s eye at NANOG 81.
Stop spoofed traffic at the door: Destination-side SAV
Guest Post: Roughly half of all ASes fail to filter for spoofed traffic as it enters their network border. A new tool helps admins test their own network in real time.
DoH the right thing
Opinion: The NSA recently issued some advice on DoH. It wasn’t necessarily bad advice, but it was not well received.
DNSSEC: The long and bumpy road of algorithm deployment
Guest Post: Study finds that replacing outdated cryptographic algorithms can take more than four years.
DNS evolution: Trust, privacy and everything else
Internet infrastructure has evolved a lot since the 1980s. How well is the DNS coping with all that change?
Notes from OARC 32b
Geoff shares his thoughts from the recent DNS-OARC virtual meeting.
Why has DNSSEC increased in some economies and not others?
Guest post: DNSSEC validation is past 25% worldwide but progress has not been spread evenly. Why?
What drives technology adoption in the Internet?
Although the adoption of IPv6 and DNSSEC has been protracted, it hasn’t stopped the Internet evolving.