Internet Protocol

Internet Protocol / Featured Blogs

The Insecurity of Ambiguous Standards

Why are networks so insecure? One reason is we don't take network security seriously. We just don't think of the network as a serious target of attack. Or we think of security as a problem "over there," something that exists in the application realm, that needs to be solved by application developers. Or we think the consequences of a network security breach as "well, they can DDoS us, and then we can figure out how to move load around, so if we build with resilience (enough redundancy)... more

The WiFi 6 Revolution

We're edging closer every day to seeing WiFi 6 in our homes. WiFi 6 will be bolstered by the newly approved 6 GHz frequency, and the combination of WiFi 6 and 6 GHz spectrum is going to revolutionize home broadband. I don't think many people understand how many of our home broadband woes are caused by current WiFi technology. WiFi has been an awesome technology that freed our homes from long category 5 wires everywhere, but WiFi has a basic flaw that became apparent when homeowners started to buy hordes of WiFi-enabled devices.  more

Notes from the DNS Privacy Workshop at NDSS 2021

For many years the consuming topic in DNS circles was that of the names themselves. If you wind the clock back twenty years or so, you will find much discussion about the nature of the Internet's namespace. Why were there both generic top-level labels and two-letter country codes? If we were going to persist with these extra-territorial generic country codes in the namespace, then how many should there be? Who could or should manage them? And so on. more

Help Recognize Internet Pioneers and Heroes – Nominations Open for 2021 Internet Hall of Fame

Do you know someone who deserves recognition for launching the Internet in their region or country? Or someone who made some major technical innovation that made the Internet faster or better? Or someone who is a passionate advocate who influenced other people to make the Internet better? Can you think of someone who helped the Internet reach new people? For example, in a new region or language? Do you know someone who made the Internet more inclusive and accessible to more people? more

Notes from NANOG 81

As the pandemic continues, the network operator community continues to meet online. NANOG held its 81st meeting on February 8 and 9, and these are my notes from some of the presentations at that meeting... Ethernet, developed in 1973 at Xerox PARC, was a revolutionary step in network architectures in many ways. The common bus architecture imposed several constraints on the network that have echoed through the ensuing four decades in all kinds of ways. more

Information Protection for the Domain Name System: Encryption and Minimization

In previous posts in this series, I've discussed a number of applications of cryptography to the DNS, many of them related to the Domain Name System Security Extensions (DNSSEC). In this final blog post, I'll turn attention to another application that may appear at first to be the most natural, though as it turns out, may not always be the most necessary: DNS encryption. (I've also written about DNS encryption as well as minimization in a separate post on DNS information protection.) more

Cryptographic Tools for Non-Existence in the Domain Name System: NSEC and NSEC3

In my previous post, I described the first broad scale deployment of cryptography in the DNS, known as the Domain Name System Security Extensions (DNSSEC). I described how a name server can enable a requester to validate the correctness of a "positive" response to a query -- when a queried domain name exists -- by adding a digital signature to the DNS response returned. more

An Open Letter to Big Tech CFOs: Save the Internet Before You're Forced

Dear Chief Financial Officers of tech giants, the internet is in crisis, and you can lead your organization to help solve the problem. You'll be well compensated, and you'll enjoy massive public relations benefits. I fear that if you don't, global governments will force your hand. There is a shortage of available IPv4 addresses but we are years away (possibly a decade or more) from IPv6 viability and adoption in North America. more

DNS Oblivion

Technical development often comes in short, intense bursts, where a relatively stable technology becomes the subject of intense revision and evolution. The DNS is a classic example here. For many years this name resolution protocol just quietly toiled away. The protocol wasn't all that secure, and it wasn't totally reliable, but it worked well enough for the purposes we put it to. more

A Look at DNS Trends and What the Future May Hold

We used to think of computer networks as being constructed using two fundamental common infrastructure components: names and addresses. Every connected device had a stable protocol address to allow all other devices to initiate a communication transaction with this device by addressing a data packet to this protocol address. And every device was also associated with a name, allowing human users and human use applications to use a more convenient alias for these protocol addresses. more