DNS

Blogs

Measuring the Use of DNSSEC

The canonical specification of the DNS that is normally cited are the pair of quite venerable RFCs, RFC 1034, "Domain names - concepts and facilities", and RFC 1035, "Domain names - implementation and specification", both published in November 1987. However, these two specification documents are just the tip of a rather large iceberg. One compendium of all the RFCs that touch upon the DNS lists some 292 RFCs. more

What ICANN’s Strong Stance on the UN’s Global Digital Compact Says About Current Internet Governance

On 21 August 2023, ICANN org. made its position in relation to the current state of the UN's Global Digital Compact (GDC) clear in a blog post by Sally Costerton (ICANN CEO), John Curran (ARIN), and Paul Wilson (APNIC), entitled "The Global Digital Compact: A Top-down Attempt to Minimize the Role of The Technical Community." The publication strongly criticizes the GDC's attempt at folding the technical community into the civil society umbrella under a "tripartite" approach also involving the private sector and governments, as proposed by the Secretary-General's Envoy on Technology, Amandeep Gill. more

Verisign Will Help Strengthen Security With DNSSEC Algorithm Update

As part of Verisign's ongoing effort to make global internet infrastructure more secure, stable, and resilient, we will soon make an important technology update to how we protect the top-level domains (TLDs) we operate. The vast majority of internet users won't notice any difference, but the update will support enhanced security for several Verisign-operated TLDs and pave the way for broader adoption and the next era of Domain Name System (DNS) security measures. more

Learn More About the DNS at DNIB.com

DNIB.com is a new industry-focused source of information, insights and data on the Domain Name System (DNS) -- a place to hear directly from subject-matter experts about relevant policy and governance news, DNS security and technology topics, and to provide industry data, analysis and insights on a regular schedule. DNIB.com builds on the Domain Name Industry Brief Quarterly Report, which summarizes the state of the domain name industry through a variety of statistical and analytical research. more

Call for Participation - ICANN DNSSEC and Security Workshop for ICANN78 Annual General Meeting

In cooperation with the ICANN Security and Stability Advisory Committee (SSAC), we are planning a DNSSEC and Security Workshop for the ICANN78 Annual General Meeting being held as a hybrid meeting from 21-26 October 2023 in Hamburg, Germany in the Central European Summer Time Zone (UTC +2). This workshop date will be determined once ICANN creates a block schedule for us to follow; then we will be able to request a day and time. more

How to Take a Proactive Approach to DNS Health

Because DNS is such an omnipresent part of modern networking, it's easy to assume that functional DNS infrastructure can be left running with minimal adjustments and only needs to be investigated in the event of a malfunction. Yet there are small telltale signs that precede DNS issues -- and knowing what they are can help to prevent disruption before it happens. more

DNS Abuse: A Litmus Test for ICANN

For a long time, arguments about the meaning of "DNS Abuse" prevented fruitful discussions within the ICANN community on when and how it is appropriate to act at the level of the DNS to address abuses online. The proposed amendments to RA and RAA agreements represent a significant and welcomed step in the right direction. As Secretariat of the Internet & Jurisdiction Policy Network (I&JPN), we strongly encourage their adoption... more

A New Phase of Measuring DNS Abuse

Today the DNS Abuse Institute (“DNSAI” or the “ Institute”) adds a new level of reporting for our measurement project: DNSAI Compass™ (“Compass”). With this new level of reporting, we intend to show the spectrum of how malicious phishing and malware is distributed across the DNS registration ecosystem.1 To demonstrate this, we are identifying registrars and TLDs with high and low volumes of malicious domain registrations in their Domains Under Management (DUM), or new registrations. more

Building a More Secure Routing System: Verisign’s Path to RPKI

At Verisign, we believe that continuous improvements to the safety and security of the global routing system are critical for the reliability of the internet. As such, we've recently embarked on a path to implement Resource Public Key Infrastructure (RPKI) within our technology ecosystem as a step toward building a more secure routing system. In this blog, we share our ongoing journey toward RPKI adoption and the lessons we've learned as an operator of critical internet infrastructure. more

12th Registration Operations Workshop: Join Us Online on June 20th, 2023

The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system and IP addressing. The ROW series is being co-sponsored by Verisign and ICANN and organized by Cofomo, and we are looking forward to an engaging set of talks, panel discussions, and conversations with individuals involved with the operation of domain name registrations systems. more

Failed Expectations: A Deep Dive Into the Internet’s 40 Years of Evolution

In a recent workshop, I attended, reflecting on the evolution of the Internet over the past 40 years, one of the takeaways for me is how we've managed to surprise ourselves in both the unanticipated successes we've encountered and in the instances of failure when technology has stubbornly resisted to be deployed despite our confident expectations to the contrary! What have we learned from these lessons about our inability to predict technology outcomes? more

Analyzing Data for Business and Security Signals

Domain name registries and registrars play a critical role in the functioning of the internet, serving as gatekeepers to the DNS. As such, they have an important responsibility to ensure the security and stability of the DNS but also to promote the use of a domain name in a meaningful way for the end user. To be more efficient in achieving these goals, the domain name industry has started to become more open to the idea of leveraging their own internal data to gain insights about their current business. more

In AI, We Trust!?

When it comes to Artificial Intelligence (AI), there is a widespread fear that AI machines will "take over" and dominate humanity. Today, we should be concerned when governments and digital corporations use AI to replace trust as the fundamental value and principle in the digital domain. more

How You Can Be Hijacked Without Actually Being Hacked

Unsuspecting website visitors are often unaware when they have landed on a spoofed page or are re-directed to malware-hosting web servers designed to steal their sensitive data and information. This attack is known as subdomain hijacking, or subdomain takeover. A web user's private information is then traded on the dark web, and cybercriminals profit, further fueling the expansion of identity theft in the online world. more

A Brief History and Recent Developments in the Co-Existence of Web2 and Web3 Domains

The Domain Name System (DNS, aka Web 2) and Web3 platforms are two different naming systems available to internet users. While the DNS (Web2) has been a reliable and trusted internet standard for decades, Web3 platforms (such as ENS, Handshake and Unstoppable) are a relatively new technology deployment that presents unique and different features. more

News Briefs

CIRA Calls for Experienced Professionals to Join Its Board

Analysis of 7.5 Trillion DNS Queries Reveals Public Resolvers Dominate the Internet

EU-based DNS Internet Infrastructure Beginning to Take Shape, Planned to Onboard 100 Million Users

DNS Abuse Institute Launches Centralized DNS Abuse Reporting Service

CENTR Publishes Comment on the European Commission’s DNS Abuse Study

Ukrainian Representatives to ICANN Ask for Russia’s Domain to Be Revoked, Local DNS Root Servers Shut Down

InternetNZ Has Disclosed a Vulnerability That Can Be Weaponized Against Authoritative DNS Servers

Security Researcher Dan Kaminsky Has Died

PIR Launches New Institute to Combat DNS Abuse

DNSSEC Now Deployed in all Generic Top-Level Domains, Says ICANN

A New Privacy-Focused DNS Protocol Released Called Oblivious

CENTR Has Released an Animated Video on ccTLDs and Their Technical Role Concerning Content

New Digital Services Act Should Not Disrupt Internet’s Technical Operations, Warn RIPE NCC, CENTR

Trump Admin Ramping Up Attacks on GDPR – Says It Helps Cybercrime, Threatens Public Health

Firefox Starts the Roll Out of DNS Over HTTPS (DoH) by Default for US-Based Users

The Number Resource Organization (NRO) Issues Inspection Request to ICANN Concerning the .ORG Sale

Microsoft Announces Plans to Adopt DoH in Windows

EFF: For ISPs to Retain Power to Censor the Internet, DNS Needs to Remain Leaky

Leading Domain Registries and Registrars Release Joint Document on Addressing ‘DNS Abuse’

The U.S. House Judiciary Committee Is Investigating Google’s Plans to Implement DNS Over HTTPS

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

When Registrars Look the Other Way, Drug-Dealers Get Paid

Squeegee Domains

Ask Vint Cerf: The Road Ahead for Top-Level Domains

Industry Updates

Examining WoofLocker Under the DNS Lens

Tracing Truebot’s Roots through a DNS Deep Dive

Potential Traces of Aurora Spread Via Windows Security Update Malvertisements in the DNS

Verisign Domain Name Industry Brief: 354.0 Million Domain Name Registrations in Q1 2023

Scouring the DNS for Traces of Bumblebee SEO Poisoning

Searching for Nevada Ransomware Digital Crumbs in the DNS

Subdomain Hijacking Vulnerabilities Report: One in Five DNS Records Are Left in a State in Which They Are Vulnerable to Subdomain Hijacking

Uncovering Stolen Card E-Shops Using DNS Intelligence

Is Your Intranet Vulnerable to Attacks? Investigating Intranet Impersonation in the DNS

Detecting ChatGPT Phishing on Social Media with the Help of DNS Intelligence

SocGholish IoCs and Artifacts: Tricking Users to Download Malware

Profiling a Massive Portfolio of Domains Involved in Ransomware Campaigns

Verisign Domain Name Industry Brief: 350.4 Million Domain Name Registrations in Q4 2022

The Fight Against Hive Ransomware May Not Be Done as Yet-Unidentified Artifacts Show

Workshop Report Published: State of the DNS in 2022

Participants – Random Selection