NXDOMAIN

The DNS is a strange and at times surprising environment. One could take a simple perspective and claim that the aim of the DNS is to translate DNS names into IP addresses. And you wouldn’t be wrong, but it’s also so much more. The DNS is also used as a…


OARC 40

OARC held a 2-day meeting in February, with a set of presentations on various DNS topics. Here’s some observations that I picked up from the presentations in that meeting. Cache Poisoning Protection Deployment Experience In a world where every DNS name is DNSSEC-signed and every DNS client validates all received…


To DNSSEC or Not?

The early days of the Internet were marked by a constant churn of technology. For example, routing protocols came and went in rapid succession, transmission technologies were in a state of constant flux, the devices we used to interact with the emerging digital environment were changing, and the applications we…


The Root Zone of the DNS Revisited

The DNS is a remarkably simple system. You send it queries and you get back answers. Within the system you see exactly the same simplicity: The DNS resolver that receives your query may not know the answer, so it, in turn, will send queries deeper into the system and collects…


DNS in the IGF

I don’t normally make the effort to attend the Internet Governance Forum gatherings these days. It seems to me that this forum continues to struggle for relevance. In my view it has never been able to realize an effective engagement with the set of actors who make up the supply…


Looking at Centrality in the DNS

The Internet’s Domain Name System undertakes a vitally important role in today’s Internet. Originally conceived as a human-friendly way of specifying the location of the other end of an Internet transaction, it became the name of a service point during the transition to a client/server architecture. A domain name was…


Notes from OARC 39

OARC held its fall meeting in Belgrade on October 22 and 23. Here are my impressions of some of the presentations from that meeting. UI, UX, and the Registry/Registrar Landscape One of the major reforms introduced by ICANN in the world of DNS name management was the separation of registry…


DNS Evolution: Innovation or Fragmentation?

There is no single name system that is necessarily bound to the Internet. Unlike IP addresses which are in every IP packet, names are an application construct, and, in theory, applications have considerable latitude in how they handle such names. There could be many name systems that could coexist within…


Fragmentation

One of the discussion topics at the recent ICANN 75 meeting was an old favourite of mine, namely the topic of Internet Fragmentation. Here, I’d like to explore this topic in a little more detail and look behind the kneejerk response of declaiming fragmentation as bad under any and all…


DoH, DoT and Plain old DNS

The evolution of the DNS name resolution environment has seen the DNS recursive resolver moving further away from the end client, with an Internet segment often being interposed between the client and the recursive resolver. The combination of an open DNS protocol and a public Internet segment between the client…