The #OARC40 Workshop Report has been published. Come read about some of the highlights from OARC 40 and get information on upcoming events.
https://dnsoarc.medium.com/oarc-40-workshop-report-9cc2e10e777e
#LoveDNS ^RP
Recent searches
Search options
#oarc40
0 posts0 participants0 posts today
Thank you to Geoff Huston (APNIC) for his Blog about #OARC40 which can be found here: https://blog.apnic.net/2023/02/23/notes-from-dns-oarc-40/
APNIC Blog · Notes from DNS-OARC 40 | APNIC BlogMitigating cache poisoning, post-quantum crypto, defining IPv6-ready DNS, and more from OARC 40.
I've just published a new version of my #DNS TTL extension for #EPP. I've asked to present it to the #regext working group at the next #IETF meeting in Yokohama to request WG adoption. Apparently it was mentioned during last week's #OARC40 meeting so there's evidently still interest! https://www.ietf.org/archive/id/draft-regext-brown-epp-ttl-04.html
www.ietf.orgExtensible Provisioning Protocol (EPP) mapping for DNS Time-To-Live (TTL) values
This document describes an extension to the Extensible Provisioning Protocol (EPP) that allows EPP clients to manage the Time-To-Live (TTL) value for domain name delegation records.
The Internet Last Week
* Microsoft patch Tuesday
https://msrc.microsoft.com/update-guide/releaseNote/2023-Feb
https://www.akamai.com/blog/security-research/akamai-perspective-patch-tuesday-february-2023
* US T-Mobile outage
https://www.reuters.com/business/media-telecom/t-mobile-down-thousands-users-us-downdetector-2023-02-14/
https://puck.nether.net/pipermail/outages/2023-February/014641.html
* NANOG 87 / OARC 40
https://www.nanog.org/events/nanog-87/
https://indico.dns-oarc.net/event/46/
* Superbowl traffic trends
https://blog.cloudflare.com/super-bowl-lvii/
#Microsoft #TMobile #NANOG87 #OARC40 #Superbowl
msrc.microsoft.comSecurity Update Guide - Microsoft Security Response Center
I know I had a few drinks at the social last night, but did this really happen?? #OARCKaraoke https://drive.google.com/file/d/1dvRbDlR-iUtpoTwNR9e3Tr0bsCi5pA0b/view?usp=sharing #OARC40 #LoveDNS
Continued thread
"Realtime DNS Exfiltration Detection in Recursive Resolvers" by David Rodriguez
There are many free software to create a #DNS tunnel (for instance iodine). (Nice Perl code to illustrate.)
Replied in thread
Continued thread
It created a huge discussion, both on Zoom and on Mattermost. People love RFC and care about them, so it is always passionate. There are even people who criticize the fact that some people comment on RFC.
Continued thread
"Measuring TTL Violation of DNS Resolvers at scale" by Tijay Chung
Measuring is not obvious (there is more than one resolver between the Web browser and the authoritative server.)
Almost 10 % of the resolvers increase the very short TTLs (one minute).
Continued thread
The main use of #DNSSEC: creating topics for OARC meetings.
Continued thread
"Guaranteeing the integrity of DNS records using PKIX Certificates" by Hyeonmin Lee
Still less than 1 % SLD signed.
Solution : use PKIK certificates because everyone has one.
Soon, we resume #OARC40 https://indico.dns-oarc.net/event/46/
DNS-OARC (Indico)OARC 40OARC 40 is planned to be a hybrid in-person and online workshop.The workshop will be held in Atlanta (Georgia), USA on Thursday 16th & Friday 17th February, 2023 - co-located NANOG 87DNS-OARC is a non-profit, membership organization that seeks to improve the security, stability, and understanding of the Internet's DNS infrastructure. Part of these aims are achieved through workshops.DNS-OARC Workshops are open to OARC members and to all other parties interested in DNS operations and...
Preparing to speak remotely at #OARC40.
On Ubuntu, screen sharing in Zoom does not work with the default Wayland, but works with Xorg. But it is the opposite for virtual background :-)
Continued thread
End of the day for #OARC40. See you tomorrow!
Continued thread
Very funny domain: jiangxi.gov.cn Its nameserver replies over IPv6 but not over IPv4.
Continued thread
"DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains" by Xiang Li, at #OARC40.
It's about domain name hijacking (I like his "use-after-free", it's basically the "subdomain attack").