DNS |
Sponsored by |
|
For those people tracking the evolution and deployment of DNSSEC or who are just interested in "DNS security" in general there is a great amount of activity happening next week at IETF 90 in Toronto. I dove into this activity in great detail in a recent post, "Rough Guide to IETF 90: DNSSEC, DANE and DNS Security", and summarized the activity in a Deploy360 post... more
On December 14, 2022, the European Parliament adopted the Directive on measures for a high common level of cybersecurity across the Union (Directive (EU) 2022/2555) hereinafter referred to as "NIS2"), which was published in the official journal on December 27, 2022. Being a directive, NIS2 requires transposition into national law. According to Art. 41 of NIS2, the transposition into national law must take place by October 17, 2024 and the measures must be applied as of October 18, 2024. more
DNS-over-HTTPs (DoH) has sometimes been regarded as the next big thing in web security. The system, it's been argued, can help to defeat many common types of cyberattack -- and particularly DNS cache poisoning and MITM eavesdropping. Presumably, this is the reason that both Google and Mozilla implemented DoH in their browsers (Chrome and Firefox, respectively) at the end of last year. In reality, though, it's far from clear that DoH is a solution to any real-world problem. more
I was reading about the Nieman Marcus lawsuit and on a phone call related to the "Working Group on Mechanisms to Protect Rights of Others", when suddenly it occurred to me that this whole rush to rid the world of typos could eventually head in a messy direction... How far can this go? Let me take you back to that phone call I was on where representatives of Yahoo indicated they would try to secure Flicker.XXX as a TYPO of Flickr.com (their made up brand name) during a potential new TLD sunrise period. How backward is that? A Typo that became a brand, trying to call the generic name a variant of their trademark! more
One of the "fathers of the internet," Vint Cerf, in a September 2019 article he published, said: "Today, hackers routinely break into online accounts and divert users to fake or compromised websites. We constantly need to create new security measures to address them. To date, much of the internet security innovation we've seen revolves around verifying and securing the identities of people and organizations online. more
As we watch the Ukraine and Russia conflict over boundaries and territories, I chanced upon a YouTube video showing the region of Europe and how, for the last 1000 years, national boundaries and names of nations have changed where in 1142, you had nations like Muslim Spain, Kievan Rus. In 1143 the Kievan Rus included modern-day Ukraine and Crimea, and in 1163 bulk of Central and Southern Europe was the Holy Roman Empire... more
Do you have an idea for an innovative use of DNSSEC or DANE? Have you recently deployed DNSSEC or DANE and have some "lessons learned" that you could share? Did you develop a new tool or service that works with DNSSEC? Have you enabled DNSSEC by default in your products? (And why or why not?) Do you have ideas about how to accelerate usage of new encryption algorithms in DNSSEC? more
Want to learn about the state of DNSSEC usage in North America? Or what is new in DNS monitoring? Or where DNSSEC fits into the plans of operating systems? Or how DANE is being used to bring a higher level of security to email? All those questions and much more will be discussed at the DNSSEC Workshop at ICANN 51 happening on Wednesday, October 15, 2014, from 8:30 am to 2:45 pm Pacific Daylight Time (PDT, which is UTC-7). more
ICANN has released a set of guidelines to explain its Coordinated Vulnerability Disclosure Reporting. The guidelines serve two purposes, says ICANN: "They define the role ICANN will perform in circumstances where vulnerabilities are reported and ICANN determines that the security, stability or resiliency of the DNS is exploited or threatened. The guidelines also explain how a party, described as a reporter, should disclose information on a vulnerability discovered in a system or network operated by ICANN." more
As the shorter of the ICANN interregnums comes to a close and the ICANN faithful finalize their dinner reservation agendas for Brussels, it is time again for a preview of what will be 'on-tap' at next week's ICANN meeting. While, as always, there is a lot going on in ICANN Land, a scan of the blogosphere and ICANN list serves suggests that the four most discussed topics will be... more
At a workshop on the implications of Article 28 for the DNS industry organized by eco -- Association of the Internet Industry in October 2023, stakeholders from the DNS industry, the European Commission, national governments, and the ICANN community convened to discuss the challenges facing the DNS industry and to work together on avoiding fragmentation as much as possible. more
This month, we are seeing a very busy global ecosystem with the ICANN 51, UN General Assembly meeting to discuss ICT for Development in New York and now the 19th ITU Plenipotentiary in Busan. Pinktober, Oktoberfest has also become saturated with ICTober so it makes me more reflective. First I would like to make a massive shout out to all those battling cancer, survivors and families who wage war against cancer. May you all walk on and walk strong! more
In World of Ends, Doc Searls and Dave Weinberger enumerate the Internet's three virtues: 1. No one owns it. 2. Everyone can use it. 3. Anyone can improve it. ... Online services and interactions are being held back by the lack of identity systems that have the same virtues as the Internet. This post describes what we can expect from an Internet for identity. more
The best and most knowledgeable experts of dot Brand met in the Brands and Domains conference, on October 2 and 3 in the Hague, Netherlands. Brand and project owners were also present, coming from all around the world -- from Australia or Japan to the USA and Canada. The keynote by Georges-Edouard Dias, CEO of Quantstreams and founder of the concept of brand hospitality, explained how customers are not anymore the targets of brands. more
The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system and IP addressing. The 11th ROW will be held online on Tuesday, June 21st, 2022 at 13h00 -- 16h00 UTC. The discussion topics will be... more
A World-Renowned Source for Internet Developments. Serving Since 2002.