Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
I'm sitting in the Popov Room of the ITU Tower in Geneva, the room is quiet, the atmosphere placid, chairs are empty. The final meeting of the CWG WCIT prep WG has just concluded its work and the chair will be reporting to the Council the results of our work. I find myself strangely calm and looking forward to my next week, to be spent in Prague... Should you choose to read through the documents, and they are lengthy at approximately 375 pages, you might think that a number of the proposals were directed at the Internet. more
How do we make DNSSEC even more secure through the use of elliptic curve cryptography? What are the advantages of algorithms based on elliptic curves? And what steps need to happen to make this a reality? What challenges lie in the way? Over the past few months we've been discussing these questions within the community of people implementing DNSSEC, with an aim of increasing both the security and performance of DNSSEC. more
The Silent Librarian advanced persistent threat (APT) actors have been detected once again, as the academic year started in September. With online classes increasingly becoming the norm, the group's phishing campaigns that aim to steal research data and intellectual property could have a high success rate. Dozens of phishing domain names have been reported, although some may have already been taken down. more
The merits of a Registry Service Provider accreditation programs have been debated across the Domain Industry since the most recent round of Domain Name Registries were introduced starting in 2012. This post discusses the early reasoning in support of an accreditation program; changes in the policy considerations between 2012 and now; the effects of competition on the landscape; a suggestion for how such a program might be implemented; and why such a program should be introduced now. more
I think we are finally getting somewhere: ICANN is no longer fluttering flusteredly whenever a lobbying group sends a nastygram over the transom. Case in point: a Association of National Advertisers (ANA) that arrived a few days ago, full of bombast and muscle-flexing, demanding that ICANN immediately stop the new gTLD program until a long list of demands from the ANA were met, or else the ANA would be forced to take some Very Scary Actions... more
Since Verisign published its second SSR report a few weeks back, recently updated with revision 1.1, we've been taking a deeper look at queries to the root servers that elicit "Name Error," or NXDomain responses and figured we'd share some preliminary results. Not surprisingly, promptly after publication of the Interisle Consulting Group's Name Collision in the DNS [PDF] report, a small number of the many who are impacted are aiming to discredit the report. more
DNSSEC adoption has been slow, but is now picking up speed, thanks to organizations leading the way. ... While some registries have already signed, some have announced plans to sign and others are still trying to figure out their plan. Either way, DNSSEC is here. How can we make DNSSEC adoption quicker and easier not only for the registry but for individual name owners? more
You wake up, make coffee, sit down by the computer and start reading your favorite web sites. You fire up your favorite browser and type 'www.site.com' on the address bar, hit enter and continue sipping on that coffee. You wait for the page to load, sipping some more coffee - a few seconds later you get the Google search results for 'www.site.com'. You scratch your head, sip some more coffee, and start wondering if you did a typo, but no it is correct - Google is not correcting your spelling. more
As described in New RIPE Atlas Features in the Making, each RIPE Atlas probe performs "anycast instance discovery" measurements. This means, for each DNS root name server, we determine which instance of a name server a probe uses. We compile the data from all probes and build maps showing these results for each Atlas probe. In other words, the map shows the "gravitational radius" for root DNS server instances. more
For a brief moment earlier this week, I thought my days spent dreaming of hover-boards, flying cars and Biff's elusive Sports Almanac were finally over. From reports circulating online, we had finally reached "Back to the Future Day". Those movie buffs out there will know exactly what I'm referring to... But it got me thinking. What would the Domain Name world look like if that crazy cat Doc Brown swung past in his DeLorean, with a fully-charged flux capacitor and a return ticket to October 21st 2015? more
A name collision occurs when a user attempts to resolve a domain in one namespace, but it unexpectedly resolves in a different namespace. Name collision issues in the public global Domain Name System (DNS) cause billions of unnecessary and potentially unsafe DNS queries every day. A targeted outreach program that Verisign started in March 2020 has remediated one billion queries per day to the A and J root name servers, via 46 collision strings. more
Ok, so I had a day in Wellington that was not busy with other things so I thought I'd wander over to the ICANN venue and sit in on the PUBLIC Forum... I saw friends on the walk over and we entered the venue, chatting about several different things. They pulled out their badges. I didn't have one. They were admitted, I was denied entrance... more
For many years the consuming topic in DNS circles was that of the names themselves. If you wind the clock back twenty years or so, you will find much discussion about the nature of the Internet's namespace. Why were there both generic top-level labels and two-letter country codes? If we were going to persist with these extra-territorial generic country codes in the namespace, then how many should there be? Who could or should manage them? And so on. more
Before we get into what DNSSEC is and the benefits of it, let's talk about some of the other potential pitfalls of DNS. One of the most significant issues we have to deal with are denial-of-service (DoS) attacks. While DoS attacks are not specific to DNS we have seen DNS be a frequent target of these attacks. more
Wednesday's announcement by the Obama administration, that former Washington state governor Gary Locke has been nominated as the next Secretary of Commerce could be a good sign for Internet governance, and the continued globalization of the ICANN regime. The Chinese-American Locke brings key political capital and experience to the table. He is well respected within and has access to the most senior levels of the Chinese government... more
A World-Renowned Source for Internet Developments. Serving Since 2002.