DNS

DNS / Recently Commented

The End of the Road: ICANN, Whois, and Regulation

There's a well-documented crisis facing the domain name system: very few who rely on domain name registration data from the Whois database to perform vital functions can do so any longer, which is escalating consumer harm and abuse on the internet worldwide. And the problems, thanks to ICANN's overly restrictive policy post-GDPR and a failing policy process, are piling up. more

Doing Our Part for a Safer, Stronger DNS

Public Interest Registry is the industry leader of DNS Anti-Abuse efforts on the Internet. Since our inception, we have worked to empower people and organizations that use the Internet to make the world a better place. Whether a .ORG is the foundation of an individual voice, a global non-profit, or any organization that is part of the mission-driven .ORG community, we are proud to have earned the trust of so many dedicated users. more

Leading Domain Registries and Registrars Release Joint Document on Addressing 'DNS Abuse'

A group of leading domain name registries and registrars have joined forces in the fight against abuse in the Domain Name System (DNS), by developing a "Framework to Address Abuse." Each contributing company has shared its expertise and experience mitigating abusive practices with the goal of submitting the resulting Framework as a foundational document for further discussion in the multistakeholder community.  more

Domain Name System to Be Featured Prominently in Upcoming Review of EU Safe Harbor Rules

In July 2019, Netzpolitik and others leaked an internal document by DG Connect that outlines the European Commission's thoughts on an update of the E-Commerce Directive. Based on this document, it seems that the domain name system and its actors will be prominently addressed in the Ursula von der Leyen's Commission-cycle from 2019 to 2025. more

DNS-over-HTTPS: Privacy and Security Concerns

The design of DNS included an important architectural decision: the transport protocol used is user datagram protocol (UDP). Unlike transmission control protocol (TCP), UDP is connectionless, stateless, and lightweight. In contrast, TCP needs to establish connections between end systems and guarantees packet ordering and delivery. DNS handles the packet delivery reliability aspect internally and avoids all of the overhead of TCP. There are two problems this introduces. more

The Ageless Warning of Icarus

It wasn't that long ago that, during a visit home, my brother asked me, "Why are you so stuck on this Internet thing?" His direct question caused me to realize that I had never actually stopped and considered why I was investing so much time – and in such a highly visible manner – into Internet governance when I wasn't being compensated for doing so and, in fact, was – not putting too fine of a point on it – flat broke. more

DNS and the Internet of Things: Opportunities, Risks, and Challenges

The ICANN Security and Stability Advisory Committee (SSAC) has recently published SAC105, a report on the interplay between the DNS and the Internet of Things (IoT). Unlike typical SSAC publications, SAC105 does not provide particular recommendations to the ICANN Board, but instead is informative in nature and intends to trigger and facilitate dialogue in the broader ICANN community. more

A New Project Called Handshake Wants to Decentralize DNS, Says It's Unlike Previous Attempts

An entity called the Handshake Network claims its newly developed open source project offers advantages over the traditional naming and signature systems. more

Back to the Future Part IV: The Price-Fixing Paradox of the DNS

GenX-ers may remember spending a summer afternoon at the movie theater and seeing the somewhat corny but beloved antics of Marty McFly and Doc as they used a souped-up Delorean to travel the space-time continuum. In Back to the Future Part II, Doc and Marty travel into the future, where the bullying, boorish Biff causes a time-travel paradox when he steals the Delorean and takes a joyride into the past to give his younger self a sports almanac containing the final scores of decades worth of sporting events. more

A Report on the ICANN DNS Symposium

By any metric, the queries and responses that take place in the DNS are highly informative of the Internet and its use. But perhaps the level of interdependencies in this space is richer than we might think. When the IETF considered a proposal to explicitly withhold certain top-level domains from delegation in the DNS the ensuing discussion highlighted the distinction between the domain name system as a structured space of names and the domain name system as a resolution space... more

A Short History of DNS Over HTTP (So Far)

The IETF is in the midst of a vigorous debate about DNS over HTTP or DNS over HTTPS, abbreviated as DoH. How did we get there, and where do we go from here? (This is somewhat simplified, but I think the essential chronology is right.) Javascript code running in a web browser can't do DNS lookups, other than with browser.dns.resolv() to fetch an A record, or implicitly by fetching a URL which looks up a DNS A or AAAA record for the domain in the URL. more

DNS Privacy at IETF 104

From time to time the IETF seriously grapples with its role with respect to technology relating to users' privacy. Should the IETF publish standard specifications of technologies that facilitate third-party eavesdropping on communications or should it refrain from working on such technologies? Should the IETF take further steps and publish standard specifications of technologies that directly impede various forms of third party eavesdropping on communications? more

Unexpected Behaviour Observed With DNS Root Servers After Cryptographic Change

The DNS root servers were reported by Verisign to be under unexpected attack from name servers across the Internet following ICANN's recent changes to their cryptographic master keys. more

Say YES to DNSSEC

With the latest "DNSpionage" attack, ICANN astutely prompted domain name holders to fully deploy DNSSEC on their names. Afilias absolutely supports this and encourages the same. In this post, I remind you of why DNSSEC is important and our continued role. Afilias has a long history in the development and advocacy of DNSSEC. In 2007, we partnered with Public Interest Registry to help found dnssec-deployment.org. more

Revisiting How Registrants Can Reduce the Threat of Domain Hijacking

Recent events have shown the threat of domain hijacking is very real; however, it is also largely preventable. As Verisign previously noted, there are many security controls that registrants can utilize to help strengthen their security posture. Verisign would like to reiterate this advice within the context of the recent domain hijacking reports. Domains are an important element of internet infrastructure; their functionality and security rely upon many factors such as their delegated name servers. more

Industry Updates

Carpet-Bombing Attacks: A Rising Threat to ISPs

How Threat Intelligence Prevents Nameserver Takeovers and Their Far-Reaching Damage

How to Stay Safe Against DNS-Based Attacks

NS1 Raises $33M for Its Application Traffic Management Solutions

Afilias Thanks Desiree Miloshevic for 12 Years of Service to ISOC

How Domain Data Can Enrich an MSSP's Threat Intelligence

Verisign Q2 2019 Domain Name Industry Brief: Internet Grows to 354.7 Million Domains in Q2 of 2019

The Growing Need for Managed Detection and Response Services

Fraud Protection Measures Against Malicious New Domains

NS1 and Salesforce Collaborate on Multi-Signer DNSSEC Implementation

Verisign Q1 2019 Domain Name Industry Brief: Internet Grows to 351.8 Million Domains in Q1 of 2019

Verisign Q4 2018 Domain Name Industry Brief: Internet Grows to 348.7 Million Domains in Q4 of 2018

Afilias Appoints Ram Mohan as Chief Operating Officer

Neustar Logs Into Digital India as the New Technical Services Provider for Country’s .IN Domain

Verisign Q3 2018 Domain Name Industry Brief: Internet Grows to 342.4 Million Domains in Q3 of 2018