DNS |
Sponsored by |
|
The ICANN Security and Stability Advisory Committee (SSAC) and the Internet Society Deploy360 Programme are planning a DNSSEC and Security Workshop on Wednesday, 06 November 2019, during the ICANN66 meeting held from 02-07 November 2019 in Montreal, Canada. The original DNSSEC Workshop has been a part of ICANN meetings for many years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. more
Couple of weeks ago I started a new initiative called "Names, Numbers and Beyond". I started this as I genuinely think we are facing big issues due to the uncontrolled and non-standard growth of the IP and Name space used today and tomorrow. To keep in control and make everything manageable, parcelling out IP address space and the use of tight naming standards/policies is necessary to make networks work better and make them achievable. more
Kieren McCarthy reporting in the Register: "The US government has posted a step-by-step guide to how it authorizes changes to the internet's root zone -- the heart of the world's domain-name system. The 16-page slide deck published by the Department of Commerce's National Telecommunications and Information Administration (NTIA) sheds light on what has been a contentious and largely secret process for the past 15 years." more
If there's one simple - high impact - thing you could do to quickly check whether your network has been taken over by a criminal entity, or uncover whether some nefarious character is rummaging through your organizations most sensitive intellectual property out of business hours, what would it be? In a nutshell, I'd look to my DNS logs. It's staggering to me how few security teams have gotten wise to regularly interrogating the logs from their recursive DNS servers. more
Want to learn more about the current state of DNSSEC? Want to see demos of new software to secure email? Curious about the potential impact of the Root Key Rollover happening this year? Next week in Copenhagen, Denmark, ICANN 58 will include some great technical info about DNSSEC and DANE happening in several sessions. Here is the plan... more
Last week, millions of infected devices directed Internet traffic to DNS service provider Dyn, resulting in a Distributed Denial of Service (DDoS) attack that took down major websites including Twitter, Amazon, Netflix, and more. In a recent blog post, security expert Bruce Schneier argued that "someone has been probing the defences of the companies that run critical pieces of the Internet". This attack seems to be part of that trend. This disruption begs the question: Can we trust the Internet? more
The quantum computing era is coming, and it will change everything about how the world connects online. While quantum computing will yield tremendous benefits, it will also create new risks, so it's essential that we prepare our critical internet infrastructure for what's to come. That's why we're so pleased to share our latest efforts in this area, including technology that we're making available as an open source implementation to help internet operators worldwide prepare. more
The Internet Society (ISOC) has addressed human rights issues related to Internet access stating "[t]he increasing pressure to limit access to the Internet has escalated the sense of urgency in addressing this situation." ISOC, in the announcement, reaffirmed its policy area and its work to bring attention to the impact of Internet freedom on other aspects of human rights. more
In an Internet governance agenda that treats diversity of addressing issues as the ultimate end at any cost, technology and its end-users are mere means, and much of the work that sustains the Internet is ignored entirely. As a nation, you are free to initiate different regulations, but when you start getting into the world of infrastructure, you are legislating far beyond the nation-state borders. more
Wikipedia defines a Mexican standoff as "a confrontation in which no strategy exists that allows any party to achieve victory. As a result, all participants need to maintain the strategic tension, which remains unresolved until some outside event makes it possible to resolve it." This would be an apt way to describe what may be possibly occurring presently between the Internet Corporation for Assigned Names and Numbers (ICANN) and its largest ratepayer, VeriSign. more
The other day, I planned to take my 15-year-old son to the movie theatre to see "Hateful Eight" in 70mm film format. The theatre would not allow him in. Under article 240a of the Dutch penal code, it is a felony to show a movie to a minor when that movie is rated 16 or above. Even though I think I am responsible for what my son gets to see, I understand that the rating agency put a 16-year stamp on this politically-incorrect-gun-slinging-gore-and-curse-intense-comedy feature. more
Public comments on the Proposed Recommendations published by the Accountability and Transparency Review Team ("ATRT") have now been submitted, and it is worth stepping back to evaluate ATRT's work in the context of ICANN's larger challenges. ATRT was constituted to carry out ICANN's commitments under the AoC. Yet at times ICANN acted as if ATRT were an adversary rather than a partner... more
Since last fall, several waves of distributed denial of service (DDoS) attacks have targeted major players in the U.S. banking industry. JPMorgan Chase, Wells Fargo and PNC were among the first to sustain intermittent damage. Eventually, the top 50 institutions found themselves in the crosshairs... In the months to come, security experts would praise the banks' collective response, from heightened DDoS protection to candid customer communications.. these larger institutions have learned some painful lessons that smaller firms might heed as they seek to minimize risks. more
The domain name system is not the place to police speech. ICANN is legally bound not to act as the Internet's speech police, but its legal commitments are riddled with exceptions, and aspiring censors have already used those exceptions in harmful ways. This was one factor that made the failed takeover of the .ORG registry such a dangerous situation. But now, ICANN has an opportunity to curb this abuse and recommit to its narrow mission of keeping the DNS running... more
The 2010 Domain Pulse, hosted by SWITCH (the .CH registry) was held in the snowy Swiss city of Luzern. Domain Name Security (DNS) was of particular importance in this year's meeting with DNSSEC being implemented in the root zone in 2010 by ICANN, and by many registries in the next few years. ICANN plan to have all root servers signed with DNSSEC by mid-2010 Kim Davies, Manager, Root Zone Services at ICANN told the meeting, starting with the L root server, then A root server with the last being the J root server as all are gradually signed. more
A World-Renowned Source for Internet Developments. Serving Since 2002.