CSOonline

DNSSEC key signing key rollover: Are you ready?

ICANN has postponed the deadline for updating name servers with the new root zone key signing key to early 2018 because too many ISPs and network operators are not ready, and that would cause DNSSEC ...
CSOonline

A first: ICANN will generate new DNSSec key

Rotating cryptographic keys is a security best practice, so it’s good news that ICANN has begun the process to change the root key pair underpinning the security of the DNS. While the chances of a ...
Bleeping Computer

Cloudflare Makes DNSSEC Activation Easy

A boost is expected in the near future in the adoption of the DNSSEC technology that establishes trust in the Domain Name System (DNS) - the mechanism responsible for translating website names into ...
Christian Science Monitor

Seven internet 'key holders' could insure against cyber attack

Why is Christian Science in our name? Our name is about honesty. The Monitor is owned by The Christian Science Church, and we’ve always been transparent about that. The Church publishes the Monitor ...
Linux Journal

DNSSEC Part I: the Concepts

Like IPv6, DNSSEC is one of those great forward-looking protocols that unfortunately hasn't seen wide adoption yet. Before I implemented it myself, I could see why. Although some people think BIND ...
NBC News

Internet 'key holders' are insurance against cyber attack

In a move that seems inspired by "The Lord of the Rings," seven "keys" have been handed out to a trusted circle of people who might get called upon to "save" the Internet in the aftermath of a cyber ...
Computerworld

GoDaddy: We’re ready to secure .com names with DNSSEC

With more than 47 million domain names under management, GoDaddy has a huge DNS infrastructure that it has upgraded to support the emerging Internet security standard known as DNSSEC for DNS Security ...
ZDNet

Asian TLDs bide their time on DNSSEC

update The Thai registry has adopted a new protocol that is touted to provide added security to the Internet's Domain Name System (DNS), but its counterparts in the region are taking their time to ...
Dark Reading

Kaminsky Calls For DNSSEC Adoption

WASHINGTON -- BLACK HAT DC -- The much-debated protocol to help secure the Domain Name System received a big boost today when DNS security guru Dan Kaminsky said the industry must adopt the DNSSEC ...
Dark Reading

Kaminsky To Release 'Phreebird' For Easy DNSSEC

Renowned researcher Dan Kaminsky tomorrow at Black Hat Abu Dhabi will release a free toolkit that lets organizations test-drive DNSSEC deployment and also demonstrates his claims that the protocol is ...
Ars Technica

Unbound returns SERVFAIL when turning on DNSSEC

I've been messing around with Unbound (1.4.8) in FreeBSD (8.2-REL 64 bit), and really like it for its simplicity over BIND for client facing lookups. However I am running into issues when I turn on ...