Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
I don't know about you, but I'm starting to think that DNSSEC being so hot these days is a mixed blessing. Yes, it's wonderful that after so many years there is finally broad consensus for making DNSSEC happen. But being so prominent also means the protocol is taking shots from those who don't want to make the necessary software, hardware and operational modifications needed. And DNSSEC has taken some shots from those who just want to be contrarian. more
What is so secret about the word, "Capacity"? As I read and talk with people I realize the word, "capacity" is typically missing from the DNS discussion. "Capacity" and "Security" are the two cornerstones to maximizing DNS resilience; both of which are typically missing from the DNS discussion. Have you seen a single DNS node easily process over 863,000 queries per second? Have you seen a network routinely handle over 50Gbits/second in outbound traffic alone without breaking a sweat? more
It wasn't that long ago that, during a visit home, my brother asked me, "Why are you so stuck on this Internet thing?" His direct question caused me to realize that I had never actually stopped and considered why I was investing so much time – and in such a highly visible manner – into Internet governance when I wasn't being compensated for doing so and, in fact, was – not putting too fine of a point on it – flat broke. more
Could the Trump administration reverse the decision to give the Internet Corporation for Assigned Names and Numbers (ICANN) autonomy from the U.S. Department of Commerce? more
As I mentioned in a post to the Deploy360 blog today, there are three excellent sessions relating to DNSSEC happening at ICANN 50 in London next week: DNSSEC For Everybody: A Beginner's Guide; DNSSEC Implementers Gathering; DNSSEC Workshop. Find out more. more
A years-long cyberespionage campaign by a Chinese state-sponsored group known as Salt Typhoon has revealed a striking escalation in both scale and technical sophistication. more
Five years after ICANN approved the new gTLD policy in Paris, two years after it approved the implementation plan in Singapore, and a year after the application window closed and some concrete steps were taken toward delegation of new gTLDs, a series of scary-sounding "what if" scenarios have mysteriously taken over discussions at ICANN. From colliding names and failing life support systems to mass confusion and technological outages, the profusion of horror stories has rivaled the hype for the Y2K conversion, with about as much basis in fact. more
Previous posts (Part 1 and Part 2) offer background on DNS amplification attacks being observed around the world. These attacks continue to evolve. Early attacks focused on authoritative servers using "ANY" queries for domains that were well known to offer good amplification. Response Rate Limiting (RRL) was developed to respond to these early attacks. RRL, as the name suggests, is deployed on authoritative servers to rate limit responses to target names. more
A woman on the radio talks about revolution, though it's already passed. The window is now closed. A snapshot can be taken. A baseline can be set. How have the public markets valued the new gTLD program? And more importantly, how will public markets value it going forward? Until a few months ago, the new gTLD program was arcane policy discussion among a very narrow technical population of the Internet community. more
At a workshop on the implications of Article 28 for the DNS industry organized by eco -- Association of the Internet Industry in October 2023, stakeholders from the DNS industry, the European Commission, national governments, and the ICANN community convened to discuss the challenges facing the DNS industry and to work together on avoiding fragmentation as much as possible. more
For a number of years, there have been many different high profile incidents where major websites were defaced, taken offline, or crippled due to issues related to their domain registration. Last night, there was an incident where several high profile domains went offline due to issues at their registrar, and they are now coming back online after what I am sure was a few crazy hours for their operations teams and management. more
They say late converts are the most passionate believers. Until now I haven't supported the Expression of Interest (EOI) for new TLDs, the proposed mechanism to measure the number and type of likely applications. Not because it won't work (I think it'll work fine) but because I didn't think it was necessary. I've changed my mind. Here's why. more
Starting in mid-September, one of the largest and most sophisticated DDoS attacks ever targeted the titans of American banking. Initially, victims included Bank of America, JPMorgan Chase, Wells Fargo, PNC Bank, and U.S. Bancorp. In the weeks to come, others would also feel the pain. Websites crashed, customers were unable to make transactions and IT professionals and PR gurus went into panic mode. Leon Panetta, U.S. Secretary of Defense, said the attacks foreshadowed a "Cyber Pearl Harbor." more
The devastation caused by several storms during the 2017 Atlantic hurricane season has destroyed neighborhoods and taken lives across a number of Caribbean island nations including Texas and Florida in the United States. Senior Director of Internet Research & Analysis at Oracle Dyn Global Business Unit has posted a blog that takes a look at the impacts. more
With the DNSSEC Root Key Rollover coming up on October 11, how prepared are we as an industry? What kind of data can we collect in preparation? What is the cost-benefit (or not) of implementing DANE? What can we learn from an existing rollover of a cryptographic algorithm? All those questions and more will be discussed at the DNSSEC Workshop at the ICANN 62 meeting in Panama City, Panama, on Monday, June 25, 2018. more
A World-Renowned Source for Internet Developments. Serving Since 2002.