Other articles


  1. Multi-Signer DNSSEC Models approved as RFC

    The Multi-Signer DNSSEC Models draft that I've been working on for the past couple of years, has been approved by the IESG (Internet Engineering Steering Group - the overall management arm of the IETF).

    The approval announcement can be seen here: https://mailarchive.ietf.org/arch/msg/ietf-announce/F3RtV_72iUvdoAOv_LgN3aeIWx0/.

    The document …

    read more
  2. NS1 Press Release on Multi-Signer DNSSEC

    DNS Company, NS1 today issued a press release on their collaboration with Salesforce (my employer) on the specification and implementation of Multi-Signer DNSSEC, and which has a quotation from me:

    https://ns1.com/press/ns1-salesforce-collaborate-on-multi-signer-dnssec-implementation

    This is about a specification I've been working on for a while now, mostly in …

    read more
  3. Qname Minimization talk

    Originally hosted on storify (which shut down), this is a collection of social media references to my talk on DNS Query-Name Minimization at the May 2015 DNS-OARC Workshop in Amsterdam, Netherlands.

    read more
  4. DNS Amplification Attacks

    There has been a lot of talk recently about DNS amplification attacks (with prominent news reports of high bandwidth attacks targeted at anti-spam services, cloud providers, financial institutions, etc). These are a class of denial of service attack that use DNS servers to emit large amounts of traffic onto unsuspecting …

    read more
  5. DNSSEC and Certificates

    DNSSEC is a system to verify the authenticity of DNS data using public key signatures. With increasing deployment of DNSSEC comes the possibility of applications using the DNS to store and retrieve TLS/SSL certificates in an authenticated manner. And possibly obviating the need for public/global certification authorities (CA …

    read more

Page 1 / 2 »

links

social