Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS Security |
Sponsored by |
|
The DNSSEC is a security protocol for providing cryptographic assurance (i.e. using the public key cryptography digital signature technology) to the data retrieved from the DNS distributed database (RFC4033). DNSSEC deployment at the root is said to be subject to politics, but there is seldom detailed discussion about this "DNS root signing" politics. Actually, DNSSEC deployment requires more than signing the DNS root zone data; it also involves secure delegations from the root to the TLDs, and DNSSEC deployment by TLD administrations (I omit other participants involvement as my focus is policy around the DNS root). There is a dose of naivety in the idea of detailing the political aspects of the DNS root, but I volunteer! My perspective is an interested observer. more
ICANN is finalising a policy to curb DNS abuse, aiming to preserve internet stability while defending freedom of expression. With regulatory pressure mounting, the multistakeholder model faces a critical test. more
The NANOG 95 conference spotlighted breakthroughs in fibre optics, wireless technology, routing security, and quantum computing, offering a forward-looking assessment of internet infrastructure and its vulnerabilities, as reported by APNIC's Geoff Huston. more
AWS is introducing Route 53 Accelerated Recovery to help organizations maintain DNS control during regional outages, offering a 60-minute recovery objective and sustained access to key API operations for critical updates and traffic management. more
A new IETF draft outlines critical limitations of DNS in supporting the Internet of Autonomous Things, highlighting challenges related to latency, mobility, security, and privacy, and proposing architectural improvements to meet evolving machine-driven demands. more
To prepare DNS security for a post-quantum future, Verisign and partners are testing new cryptographic strategies that balance security, performance, and feasibility, especially through the novel Merkle Tree Ladder mode for managing large signatures. more
eco's topDNS initiative and AV-Test are publishing monthly reports to help ISPs detect and mitigate DNS abuse by analysing malware, phishing, and PUA trends, creating a long-term data foundation for industry-wide transparency. more
Despite offering robust protection for the Domain Name System, DNSSEC suffers from poor adoption due to its complexity, cost, and operational risks. Automation and algorithmic improvements now offer practical solutions for broader deployment. more
Private DNS data lakes consolidate fragmented logs into a centralised platform, improving visibility, security, and compliance. They enable advanced analytics, strengthen threat detection, and help organisations optimise network performance in increasingly complex IT environments. more
The Registration Operations Workshop (ROW), an informal gathering of DNS professionals, is set to continue its tradition of fostering technical dialogue and knowledge-sharing across the domain name ecosystem. more
The Edgemoor Research Institute (ERI) and Taiwan's .TW Registry (TWNIC) have announced a three-year strategic partnership to enhance Domain Name System (DNS) data management and internet security. The collaboration focuses on joint research, data sharing, and capacity building, aiming to strengthen global internet infrastructure and governance. more
Cybercriminals live by the tenet "If it ain't broke, don't fix it." They'll use the same tactics repeatedly until they no longer work, then switch things up. That's why CISOs and their security teams maintain constant vigilance. Underscoring this, recent analysis of global DNS activity found that new domains continue to be a major tactic for bad actors. more
The NetBeacon Institute is pleased to publish its White Paper: Proposal for PDPs on DNS Abuse. We created this paper to support and advance ICANN Community discussions on potential policy development related to DNS Abuse. From our unique perspective, we believe there are a number of issues that are constrained enough to be a successful ICANN PDP and can make a meaningful difference in our collective work against DNS Abuse. more
Cyber criminals are the kings of recycling. Once they've found a tactic that works well, they'll keep doing it as long as they can get away with it. That's why it's so important for research teams to keep a close eye on what's happening behind the scenes with web traffic. Case in point? Our team at DNSFilter recently analyzed global DNS activity from the first quarter of 2025 and identified several notable trends. more
On Jan. 11, 2025, Verisign supported the Internet Corporation for Assigned Names and Numbers (ICANN) in taking a major step to ensure the continued security, stability, and resiliency of the Domain Name System (DNS). While imperceptible to most users, this action - specifically, the introduction of a new Domain Name System Security Extensions (DNSSEC) Key Signing Key (KSK) in the root zone - is the next step of a multi-year-long process to change, or "roll," the cryptographic key that secures the root of the DNS. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
