ICANN has published a detailed guide on what to expect when updating KSK in the root zone

ICANN has published a detailed guide on what to expect when updating KSK in the root zone  
ICANN is preparing for the first-ever change in cryptographic keys that serve as a protection for the Internet Domain Name System (DNS), and as a result, it published a guide describing what to expect in the process.
Link to the news text from ICANN .
Change of keys, a process known as the "Key Update for Key Signing (KSK)", is scheduled for October 1? 2018.
This new ICANN manual is intended for an audience with any level of technical knowledge. The information provided in it about what to expect is intended to help everyone prepare for the renewal of the key.
The manual is published ...
+ 0 -

The ICANN plan: the corporation proposed a new model for managing the root servers of DNS

ICANN's Advisory Board for the Management of Root Server RSSAC proposed a new model manage the root zone of the DNS. It provides for a reduction in the number of active CCs and the introduction of five new responsible structures. More details about the model we tell under the cut.
The ICANN plan: the corporation proposed a new model for managing the root servers of DNS

/photo Oliver Dean CC

How is the system of root DNS-servers

For a long time the system ...[/h]
+ 0 -

Configuring the home development environment (docker + gitlab + DNS)

I could not think of a suitable name for the post, so I will briefly describe what will be discussed.
Most of us have some small personal crafts that do not go beyond our homes. Someone hosts them on a work computer, someone - on Heroku, someone - on VPS, and someone has a home server. There is even a community of on the site. r /homelab In which people discuss different hardware and software for the so-called.
home laboratory
I'm not so keen on this issue, but I have an Intel NUC at home that plays music from the NAS using MPD ...
+ 0 -

QUIC, TLS 1.? DNS-over-HTTPS, then everywhere

Habr, greetings! This is transcription of the report Artema ximaera Gavrichenkov, read by him on BackendConf 2018 within the framework of the last RIT ++ festival.
QUIC, TLS 1.? DNS-over-HTTPS, then everywhere  
The title of the report contains a long list of protocols, we will go through it gradually, but let's start with what does not exist in the title.
This (under the cut) headline of one of the blogs, on the Internet you could see such headlines very much. In that post it is written that HTTP /2 is not some distant future, it is our present; this is a modern protocol developed by Google and hundreds of professionals ...
+ 0 -

DNSCrypt 2.0 and ad blocking

In this article I would like to consider the innovations of Dnscrypt, on a concrete example, which is sure to be useful for someone.
For those who do not know, Dnscrypt is a unique protocol for encrypting DNS traffic. It makes it possible to protect DNS communications from interception and spoofing, and, for example, bypass blocking implemented at the level of DNS queries.
Of the main features of the new version, first of all, I want to note the possibility of communication with the server via the TCP protocol, which makes this channel more stable and less noticeable.
In this article...
+ 0 -

Straightforward DNS: doing the right thing

Straightforward DNS: doing the right thingWe present to your attention the very emotional story of Lev Nikolaev ( @ Maniaque ) On how to configure DNS and especially how to do it is not necessary. Right after each item, you can mentally add: "Please do not do this!" In his report, Leo says so.
The article will consist of three parts:
1. How to make a resolver (unbound, bind)
Resolver - this is the thing that you prescribe in the settings of your operating system, so you can turn human-understandable addresses such as ya.ru into an incomprehensible ???.242.
2. How to keep the zones (PowerDNS) ...
+ 0 -