Scoring the Root Server System

The process of rolling the DNS Root’s Key Signing Key has now started. During this process there will be a period where the root zone servers’ response to a DNS query for the DNSKEY resource record of the root zone will grow from the current value of…


RIPE 73

RIPE held its 73rd meeting in Madrid in the last week of October. Here are a few of my takeaways from that meeting. What’s behind all those NATs? We suspect that there are at least 10 billion devices connected to today’s Internet, and we know that less than two billion…


BGP Large Communities

IPv4 addresses are not the only Internet number resource that has effectively run out in recent times. Another pool of Internet numbers under similar consumption pressures has been the numbers that are intended to uniquely identify each network in the Internet’s inter-domain routing space. These are Autonomous System numbers (ASNs).…


The Death of Transit?

I was struck at a recent NANOG meeting just how few presentations looked at the ISP space and the issues relating to ISP operations and how many were looking at the data centre environment. If the topics that we use to talk to each other are any guide, then this…


DNS DDOS

The recent attacks on the DNS infrastructure operated by DYN in October 2016 have generated a lot of comment in recent days. Indeed, it’s not often that the DNS itself has been prominent in the mainstream of news commentary, and in some ways this DNS DDOS prominence is for all…


NANOG 68

NANOG held its 68th meeting in Dallas in October. Here’s what I found memorable and/or noteworthy from this meeting. The meeting opened with Scott Bradner and a history of the IANA. Given that the arrangements with the US Government exercising some level of oversight on the IANA function lapsed on…


A Brief Potted History of the IANA

October 2016 marks a milestone in the story of the Internet. At the start of the month the United States Government let its residual oversight arrangements with ICANN (the Internet Corporation for Assigned Names and Numbers) over the operation of the Internet Assigned Numbers Authority (IANA) lapse. No single government…


DNS OARC 25

DNS OARC is the place to share research, experiences and data primarily concerned with the operation of the DNS in the Internet. Some highlights for me of the most recent meeting, held in October 2016 in Dallas, were: DNS DDOS attacks: This presentation was about using an authoritative server exhaustion…


IPv6 and the DNS

The exhortations about the Internet’s prolonged transition to version 6 of the Internet Protocol continue, although after some two decades the intensity of the rhetoric has faded and, possibly surprisingly, it has been replaced by action in some notable parts of the Internet. But how do we know there is…


DNSSEC and ECDSA

Two years ago I reported on the use of the elliptic curve cryptographic algorithm in generating digital signatures for securing the DNS (DNSSEC) (http://www.potaroo.net/ispcol/2014-10/ecdsa.html). The conclusion at the time was hardly encouraging: “Will ECDSA ever be a useful tool for DNS and DNSSEC? As good as ECDSA is in presenting strong…