DNS

Preparing DNSSEC for the Post-Quantum Era

To prepare DNS security for a post-quantum future, Verisign and partners are testing new cryptographic strategies that balance security, performance, and feasibility, especially through the novel Merkle Tree Ladder mode for managing large signatures.

eco and AV-Test Publish Monthly topDNS Reports for Internet Service Providers

eco's topDNS initiative and AV-Test are publishing monthly reports to help ISPs detect and mitigate DNS abuse by analysing malware, phishing, and PUA trends, creating a long-term data foundation for industry-wide transparency.

The Public Interest and the Root: Why the Next Round Demands a Public Law Approach to DNS Governance

As ICANN prepares to expand the domain name space, calls grow for a public-law framework to govern the DNS root, ensuring global equity, transparency, and accountability in managing the Internet's core infrastructure.

The Governance of the Root of the DNS

The arrangements regarding the composition and organisation of the provision and operation of authoritative root servers are one of the more long-lasting aspects of the public Internet. In the late 1980s, Jon Postel, as the IANA, worked with a small set of interested organisations to provide this service. It was informally arranged, without contracts and without payment of any form.

Breaking Ground: Historic Launch of UN Global Mechanism for Cyberspace Governance

The international community has long struggled with the challenge of translating international law into actionable norms and practices in cyberspace. The conclusion of the United Nations Open-Ended Working Group (OEWG) on the security of and in the use of information and communications technologies 2021-2025 marks a vital milestone in that ongoing process.

Censorship-by-Infrastructure: How DNS Blocking Threatens the Open Internet—and How You Can Help Document It

What happens when governments don't just regulate content, but forcibly repurpose the very guts of the Internet's infrastructure to enforce their policies? The chilling answer, increasingly evident worldwide, is widespread, devastating collateral damage. Around the world, neutral systems like Domain Name System (DNS) resolvers and IP routing, the bedrock of our digital lives, are being weaponized as enforcement tools.

A Targeted Blueprint for Tackling DNS Abuse

The NetBeacon Institute is pleased to publish its White Paper: Proposal for PDPs on DNS Abuse. We created this paper to support and advance ICANN Community discussions on potential policy development related to DNS Abuse. From our unique perspective, we believe there are a number of issues that are constrained enough to be a successful ICANN PDP and can make a meaningful difference in our collective work against DNS Abuse.

How New Domains are Driving DNS-based Attacks

Cyber criminals are the kings of recycling. Once they've found a tactic that works well, they'll keep doing it as long as they can get away with it. That's why it's so important for research teams to keep a close eye on what's happening behind the scenes with web traffic. Case in point? Our team at DNSFilter recently analyzed global DNS activity from the first quarter of 2025 and identified several notable trends.

The 2024-2026 Root Zone KSK Rollover: Initial Observations and Early Trends

On Jan. 11, 2025, Verisign supported the Internet Corporation for Assigned Names and Numbers (ICANN) in taking a major step to ensure the continued security, stability, and resiliency of the Domain Name System (DNS). While imperceptible to most users, this action - specifically, the introduction of a new Domain Name System Security Extensions (DNSSEC) Key Signing Key (KSK) in the root zone - is the next step of a multi-year-long process to change, or "roll," the cryptographic key that secures the root of the DNS.

Beyond WHOIS: CircleID and Edgemoor Research Institute Second Event on ‘Filling the Gaps’

Experts at a CircleID and Edgemoor Research Institute webinar debated the challenges of domain registration data access in a post-GDPR world. Panelists explored the tension between privacy laws and legitimate data requests, the role of automation in disclosure decisions, and the need for a scalable, trust-based framework to balance compliance, cybersecurity, and enforcement interests.

Beyond WHOIS: Filling the Gaps

Amid evolving privacy laws and rising cybersecurity threats, domain registration data disclosure remains a contentious issue. Beyond WHOIS: Filling the Gaps brings together experts to examine Project Jake's policy framework, aiming to balance privacy with legitimate access. Join industry leaders for insights on policy clarity, operational efficiency, and the future of domain name governance.

Beyond WHOIS: CircleID and Edgemoor Research Institute Inaugural Event on Balancing Privacy and Legitimate Data Needs

The global debate over Internet privacy and security took center stage in a webinar hosted by CircleID in partnership with the Edgemoor Research Institute. The event marked the first in a series exploring the delicate balance between safeguarding personal data and ensuring legitimate access to domain name registration details. As governments, cybersecurity experts, law enforcement, and intellectual property holders grapple with the evolving regulatory landscape, Project Jake seeks to establish a framework that prioritizes policy clarity, efficiency, and adaptability.

Beyond WHOIS: Towards a New Framework of Internet Domain Registration Data Disclosure

The collection and disclosure of DNS registration data have evolved chaotically, influenced by GDPR and other privacy laws. The system, while improving privacy, has enabled bad actors and raised costs for registrars and registries. Join experts at this event as they explore Project Jake's framework for balancing privacy with legitimate data needs, emphasizing policy clarity, efficiency, and adaptability.

Why Most People Haven’t Heard of the DNS Root Server System

At the ICANN 81 meeting in Istanbul on 10 November 2024, I gave a presentation about the DNS Root Server System, in an effort to increase understanding of the Root Server System (RSS) and Root Server Operators (RSOs). The talk was intended for the members of the ICANN Governmental Advisory Committee (GAC), but much of this explanation may be of interest to general audiences.

New Data on Domain Name Contact Availability and Privacy

Nearly 90% of the internet's generic top-level (gTLD) domain names do not have identifying contact information in the Registration Data Directory Services (RDDS) system, according to a report by Interisle Consulting Group. A key finding of the report is the rapid growth of registrar-provided proxy service offerings and the inclusion of these services for both new and existing registrations.