Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS Security |
Sponsored by |
|
The recent announcement in eWeek titled "Feds Won't Let Go of Internet DNS" (slashdotted here) has some major internet policy implications. The short, careful wording appears to be more of a threat to ICANN than a power grab. In short, the US Department of Commerce's (DOC) National Telecommunications and Information Administration (NTIA) announced that it was not going to stop overseeing ICANN's changes to the DNS root. ...Of course, they have done next to nothing to support DNSSEC or other proposal for securing the DNS, but it sounds reassuring. The last sentence shows that the Bush administration shares the Clinton administration's lack of understanding of how the internet should evolve... more
In Part I of this article I set the stage for our discussion and overviewed the October 21st DDoS attacks on the Internet's 13 root name servers. In particular, I highlighted that the attacks were different this time, both in size and scope, because the root servers were attacked at the same time. I also highlighted some of the problems associated with the Domain Name System and the vulnerabilities inherent in BIND. Part II of this article takes our discussion to another level by critically looking at alternatives and best practices that can help solve the security problems we've raised. more
Earlier this week, Poland’s new President, Karol Nawrocki, vetoed amendments to the Act on Assistance to Citizens of Ukraine, provoking debate over critical satellite connectivity. Deputy Prime Minister and Minister of Digital Affairs Krzysztof Gawkowski warned that the veto “de facto switched off Starlink for Ukraine,” potentially disrupting connectivity for hospitals, schools, and government operations. more
At the 20th Internet Governance Forum in Lillestrøm, Norway, the UN Internet Governance Forum's dynamic coalition Internet Standards, Security and Safety (IS3C) released its new report on post-quantum policies. This report presents the findings of a collaborative study undertaken by IS3C and the French domain name registry Afnic and examines the critical need for Post-Quantum Cryptography (PQC) to achieve greater security in the ever-expanding global IoT landscape. more
At the Internet Governance Forum (IGF) 2024 in Riyadh, the Internet Standards, Security and Safety Coalition (IS3C) released a new tool: 'To deploy or not to deploy, that's the question. How to convince your boss to deploy DNSSEC and RPKI'. In this report, IS3C advocates mass deployment of these two newer generation, security-related internet standards, as their deployment contributes significantly to the safety and security of all internet users. more
I recently appeared on the 419 Consulting podcast to discuss the European Union's NIS 2.0 Directive and its impact on the domain name ecosystem. I encourage all TLD registries, domain name registration service providers, and DNS operators to listen to the recording of that session which Andrew Campling has made available. more
As a member of the ROW Planning Committee, I am writing this post on behalf of the Committee and welcome all community members to join us on June 4th. We are celebrating ROW's 10th anniversary! A decade of collaboration and inspiration! Thank you to the incredible community that has fueled this journey! more
The Internet Watch Foundation (IWF) leads the charge to combat child sexual abuse material (CSAM) online, and we at Public Interest Registry (PIR) are dedicated to supporting their efforts. We are honored to work with them across two important programs: Domain Alerts and TLD Hopping List. IWF services have been extremely successful in addressing CSAM on .ORG over the past five years more
From the creation of DNSAI Compass ("Compass"), we knew that measuring DNS Abuse1 would be difficult and that it would be beneficial to anticipate the challenges we would encounter. With more than a year of published reports, we are sharing insights into one of the obstacles we have faced. One of our core principles is transparency and we've worked hard to provide this with our methodology. more
In cooperation with the ICANN Security and Stability Advisory Committee (SSAC), we are planning a DNSSEC and Security Workshop for the ICANN78 Annual General Meeting being held as a hybrid meeting from 21-26 October 2023 in Hamburg, Germany in the Central European Summer Time Zone (UTC +2). This workshop date will be determined once ICANN creates a block schedule for us to follow; then we will be able to request a day and time. more
For a long time, arguments about the meaning of "DNS Abuse" prevented fruitful discussions within the ICANN community on when and how it is appropriate to act at the level of the DNS to address abuses online. The proposed amendments to RA and RAA agreements represent a significant and welcomed step in the right direction. As Secretariat of the Internet & Jurisdiction Policy Network (I&JPN), we strongly encourage their adoption... more
The DNS Abuse Institute recently published our sixth monthly report for our project to measure DNS Abuse: DNSAI Compass ('Compass'). Compass is an initiative of the DNS Abuse Institute to measure the use of the DNS for phishing and malware. The intention is to establish a credible source of metrics for addressing DNS Abuse. We hope this will enable focused conversations, and identify opportunities for improvement. more
Are you doing something interesting with DNS, DNSSEC, or routing security that you would like to share with the larger DNS community at the ICANN 76 meeting in March 2023? If so, please send a brief (1 -- 3 sentence) description of your proposed presentation to [email protected] by the close of business on Friday, 20 January 2023. Are you doing something interesting with DNS, DNSSEC, or routing security that you would like to share with the larger DNS community at the ICANN 76 meeting in March 2023? more
Do you have information about DNS security or routing security that you would like to share with the global community? Have you developed a new tool or system in this area? Do you have results from a research project that you want to share with a technical community? If so, please consider submitting a proposal to the DNSSEC and Security workshop to be held at ICANN 74 in June 2022. more
When we look at the intersection of cryptocurrency and domain data, we see something insidious: The prevalence of crypto-related threats. And it's not just cryptojacking. It's not even the use of cryptocurrency which has made ransomware attacks easier for threat actors to commit and all the more widespread. As with nearly every trend, there is always someone looking to capitalize on it and use it for their own, personal gain. Ever since cryptocurrency became the pandemic hobby of choice, threat actors have begun to target crypto novices for their schemes. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
