DNS Privacy

The DNS is normally a relatively open protocol that smears its data (which is your data and mine too!) far and wide. Little wonder that the DNS is used in many ways, not just as a mundane name resolution protocol, but as a data channel for surveillance and as a…


Fragmenting IPv6

The design of IPv6 represented a relatively conservative evolutionary step of the Internet protocol. Mostly, it’s just IPv4 with significantly larger address fields. Mostly, but not completely, as there were some changes. IPv6 changed the boot process to use auto-configuration and multicast to perform functions that were performed by ARP…


DNS OARC 24

DNS OARC held a two day workshop in Buenos Aires prior to IETF 95 at the end of March 2016. Here are my impressions of this meeting. For a supposedly simple query-response protocol that maps names to IP addresses there is a huge amount going on under the hood with…


Rolling Roots

In the world of public key cryptography, it is often observed that no private key can be kept as an absolute secret forever. This does not mean that a private key remains a secret for a limited time and then the underlying cryptography spontaneously breaks apart and the key…


DNS Zombies

It seems that some things just never die, and this includes DNS queries. In a five month experiment encompassing the detailed analysis of some 44 billion DNS queries we find that one quarter of these DNS queries are zombies – queries that have no current user awaiting the response, and…


What’s in a Name?

What’s in a name? that which we call a rose
By any other name would smell as sweet;
Romeo and Juliet, Act II, Scene II

What’s the difference between .local and .here? Or between .onion and .apple? All four of these labels are capable of being represented in the Internet’s Domain Name…


DNS OARC Fall Workshop 2015 Report

The DNS Operations, Analysis and Research Centre holds a 2 day workshop twice a year. These are my impressions of the Fall 2015 workshop, held at the start of October in Montreal. At the outset I note that there was less of an emphasis on the coopting of the DNS…


Measuring the DNS Root KSK Keyroll

A little over five years ago the root zone of the Domain Name System (DNS) was signed using the DNSSEC name-signing framework. The approach used to sign the root zone is a conventional one, using two keys. The root zone has a “working key”, the…


Tech Note: Measuring DNS Behaviour

The DNS is a very simple protocol. The protocol is a simple query / response interaction where the client passes a DNS transaction to a server with the query part of the transaction completed. The server fills in the answer part and possibly adds further information in the additional information…


Diving into the DNS

If you are at all interested in how the Internet’s Domain Name System (DNS) works, then among the most rewarding meetings dedicated to this topic are the DNS OARC workshops. I attended the spring workshop in Amsterdam in early May, and the following are my impressions from…