DNS

Sponsored
by

DNS / Recently Commented

Learn More About the DNS at DNIB.com

DNIB.com is a new industry-focused source of information, insights and data on the Domain Name System (DNS) -- a place to hear directly from subject-matter experts about relevant policy and governance news, DNS security and technology topics, and to provide industry data, analysis and insights on a regular schedule. DNIB.com builds on the Domain Name Industry Brief Quarterly Report, which summarizes the state of the domain name industry through a variety of statistical and analytical research. more

How to Take a Proactive Approach to DNS Health

Because DNS is such an omnipresent part of modern networking, it's easy to assume that functional DNS infrastructure can be left running with minimal adjustments and only needs to be investigated in the event of a malfunction. Yet there are small telltale signs that precede DNS issues -- and knowing what they are can help to prevent disruption before it happens. more

A New Phase of Measuring DNS Abuse

Today the DNS Abuse Institute (“DNSAI” or the “ Institute”) adds a new level of reporting for our measurement project: DNSAI Compass™ (“Compass”). With this new level of reporting, we intend to show the spectrum of how malicious phishing and malware is distributed across the DNS registration ecosystem.1 To demonstrate this, we are identifying registrars and TLDs with high and low volumes of malicious domain registrations in their Domains Under Management (DUM), or new registrations. more

Building a More Secure Routing System: Verisign’s Path to RPKI

At Verisign, we believe that continuous improvements to the safety and security of the global routing system are critical for the reliability of the internet. As such, we've recently embarked on a path to implement Resource Public Key Infrastructure (RPKI) within our technology ecosystem as a step toward building a more secure routing system. In this blog, we share our ongoing journey toward RPKI adoption and the lessons we've learned as an operator of critical internet infrastructure. more

CIRA Calls for Experienced Professionals to Join Its Board

The Canadian Internet Registration Authority (CIRA) is inviting experienced professionals to join its board and help guide the organization. more

Failed Expectations: A Deep Dive Into the Internet’s 40 Years of Evolution

In a recent workshop, I attended, reflecting on the evolution of the Internet over the past 40 years, one of the takeaways for me is how we've managed to surprise ourselves in both the unanticipated successes we've encountered and in the instances of failure when technology has stubbornly resisted to be deployed despite our confident expectations to the contrary! What have we learned from these lessons about our inability to predict technology outcomes? more

Analyzing Data for Business and Security Signals

Domain name registries and registrars play a critical role in the functioning of the internet, serving as gatekeepers to the DNS. As such, they have an important responsibility to ensure the security and stability of the DNS but also to promote the use of a domain name in a meaningful way for the end user. To be more efficient in achieving these goals, the domain name industry has started to become more open to the idea of leveraging their own internal data to gain insights about their current business. more

How You Can Be Hijacked Without Actually Being Hacked

Unsuspecting website visitors are often unaware when they have landed on a spoofed page or are re-directed to malware-hosting web servers designed to steal their sensitive data and information. This attack is known as subdomain hijacking, or subdomain takeover. A web user's private information is then traded on the dark web, and cybercriminals profit, further fueling the expansion of identity theft in the online world. more

A Brief History and Recent Developments in the Co-Existence of Web2 and Web3 Domains

The Domain Name System (DNS, aka Web 2) and Web3 platforms are two different naming systems available to internet users. While the DNS (Web2) has been a reliable and trusted internet standard for decades, Web3 platforms (such as ENS, Handshake and Unstoppable) are a relatively new technology deployment that presents unique and different features. more

Adding ZONEMD Protections to the Root Zone

The Domain Name System (DNS) root zone will soon be getting a new record type, called ZONEMD, to further ensure the security, stability, and resiliency of the global DNS in the face of emerging new approaches to DNS operation. While this change will be unnoticeable for the vast majority of DNS operators (such as registrars, internet service providers, and organizations), it provides a valuable additional layer of cryptographic security to ensure the reliability of root zone data. more

Minimized DNS Resolution: Into the Penumbra

Over the past several years, domain name queries - a critical element of internet communication - have quietly become more secure, thanks, in large part, to a little-known set of technologies that are having a global impact. Verisign CTO Dr. Burt Kaliski covered these in a recent Internet Protocol Journal article, and I'm excited to share more about the role Verisign has performed in advancing this work and making one particular technology freely available worldwide. more

Processing Domain Data to Improve Business Continuity as a Domain Name Registry

In the fall of 2022, around 9,000 numeric domain names such as 0146.se, 0148.se, 0149.se, and so on were registered in the .SE zone. These domains were registered with two registrars, Register.eu and 1API. They had the same kind of SSL certificate, and there were other similarities among them that strongly suggested they were connected. All these domains were registered after September 1, 2022, but not on the same date... more

Analysis of 7.5 Trillion DNS Queries Reveals Public Resolvers Dominate the Internet

A recent report by NS1 provides a comprehensive look at global DNS traffic trends. It reveals that public resolvers dominate the internet, accounting for nearly 60% of recursive DNS usage. Telecom giants represent nearly 9%, with Google the clear front-runner at a little over 30%, followed by Amazon Web Services at 16%. more

OARC-40: Notes on the Recent DNS Operations, Analysis, and Research Centre Workshop

OARC held a 2-day meeting in February, with presentations on various DNS topics. Here are some observations I picked up from the presentations in that meeting... In a world where every DNS name is DNSSEC-signed, and every DNS client validates all received DNS responses, we wouldn't necessarily have the problem of DNS spoofing. Even if we concede that universal use of DNSSEC is a long time off ... more

An Economic Perspective on Internet Centrality

The IETF met in November 2022 in London. Among the many sessions that were held in that meeting was a session of the Decentralised Internet Infrastructure Research Group, (DINRG). The research group's ambitions are lofty: DINRG will investigate open research issues in decentralizing infrastructure services such as trust management, identity management, name resolution, resource/asset ownership management, and resource discovery. more