Share
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
Manage episode 430577941 series 3001389
Content provided by APNIC. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by APNIC or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston continues his examination of DNSSEC. In the first part of this two-part story, Geoff explored the problem space, with a review of the comparative failure of DNSSEC to be deployed by zone holders, and the lack of validation by the resolvers. This is visible to APNIC labs from carefully crafted DNS zones with validly and invalidly signed DNSSEC states, which are included in the Labs advertising method of user measurement.
This second episode offers some hope for the future. It reviews the changes which could be made to the DNS protocol, or use of existing aspects of DNS, to make DNSSEC safer to deploy. There is considerable benefit to having trust in names, especially as a "service" to Transport Layer Security (TLS) which is now ubiquitous worldwide in the web.
Read more about DNSSEC and TLS on the APNIC Labs website and the APNIC Blog:
- Calling time on DNSSEC (Geoff Huston, APNIC Blog, June 2024)
- 'Keytrap' attacks on DNSSEC (Geoff Huston, APNIC Blog, June 2024)
- DNS topics at RIPE 88 (Geoff Huston, APNIC Blog, June 2024)
- The Tranco list
- DNSSEC validation client usage (APNIC Labs)
- DNSSEC-enabled domains from Cloudflare public DNS (APNIC Labs)
98 episodes
))
