DNS |
Sponsored by |
|
As the unallocated IPv4 address pool runs out, are Internet Service Providers (ISPs) actually deploying IPv6? The graph, first in a series from RIPE Labs, looks at the IPv6 "ripeness" of all ISPs registered as RIPE NCC members. We created a rating system that gives ISPs up to four "stars" for IPv6 services that they provide, based on the following criteria... more
DNSSEC adoption has been slow, but is now picking up speed, thanks to organizations leading the way. ... While some registries have already signed, some have announced plans to sign and others are still trying to figure out their plan. Either way, DNSSEC is here. How can we make DNSSEC adoption quicker and easier not only for the registry but for individual name owners? more
The Coalition for Internet Transparency (CFIT) filed an anti-trust suit against VeriSign for their monopoly control of the .COM registry and the expiring market of .COM domains. The claims were many including excessive financial pressure lobbying and lawsuits to force ICANN into renewing the VeriSign .COM agreement under very self-serving terms. ICANN inevitably was paid millions of dollars to settle the suit. However, the saga continues once again. ... In the light of continuous and relentless discussions and proposals by the Vertical Integration working group, one question is in the back of everyone's mind. Could the decision on Vertical Integration backfire on ICANN and invite similar suits in the domain name space? more
So we finally have a signed root zone. Now when is someone going to answer the question I first asked over five years ago and have still not had an answer to: How do the domain name owner's keys get into the TLD? Before we have a system people can use there have to be technical standards, validation criteria and a business model. Where are they? more
July 15, 2010 (yesterday) marked the end of the beginning for DNSSEC, as the DNS root was cryptographically signed. For nearly two decades, security researchers, academics and Internet leaders have worked to develop and deploy Domain Name System Security Extensions (DNSSEC). DNSSEC was developed to improve the overall security of the DNS, a need which was dramatized by the discovery of the Kaminsky bug a few years ago. more
As the implementation of DNSSEC continues to gather momentum and with a number of ccTLDs, and the '.org' gTLD having deployed it into their production systems, I think it is worth pausing to take a look at the entire DNSSEC situation. Whilst it is absolutely clear that DNSSEC is a significant step forward in terms of securing the DNS, it is but one link in the security chain and is therefore not, in itself, a comprehensive solution to fully securing the DNS system. more
For a brief moment earlier this week, I thought my days spent dreaming of hover-boards, flying cars and Biff's elusive Sports Almanac were finally over. From reports circulating online, we had finally reached "Back to the Future Day". Those movie buffs out there will know exactly what I'm referring to... But it got me thinking. What would the Domain Name world look like if that crazy cat Doc Brown swung past in his DeLorean, with a fully-charged flux capacitor and a return ticket to October 21st 2015? more
Last week ICANN took another very significant step forward in the expansion of the internet by approving the delegation of a number of Chinese script IDN ccTLDs. Although we have all heard statements that portray the introduction of IDN ccTLDs as being perhaps the single most important factor in the achievement of ICANN's "One World, One Internet" vision, we should take a moment to appreciate the true significance of this latest round of IDN ccTLD approvals. more
Capacity and scalability are necessary in managing DNSSEC and D/DoS. Capacity, necessary for maintaining operations during D/DoS attacks, is also necessary for increased traffic due to DNSSEC deployment. Scalability is highly important, as DNSSEC is deployed not only will greater traffic levels will be encountered, greater demand will be placed on the DNS platform. In the interest of understanding both capacity and scalability CommunityDNS conducted tests to assess the readiness of the two main DNS server platforms, BIND and NSD... more
The key to fixing any part of the Internet infrastructure is to understand the business cases for the parties whose behavior you want to influence and design the technology accordingly. People who follow this approach (Sir Tim Berners-Lee and the World Wide Web) have a chance of succeeding. People who ignore it (DNSSEC, IPv6) will fail. The root problem here is that the ICANN DNS does not differentiate between the parts of the Internet that are accountable and those that are not. more
A World-Renowned Source for Internet Developments. Serving Since 2002.