‹ Back
Deploy360 22 January 2013

Slides: Early DNSSEC Deployment Observations from Ed Lewis

Dan York
By Dan YorkDirector, Online Content

What have we seen in terms of DNSSEC deployment around the world? Are there general trends or themes we can understand? Can we dive a bit deeper into some of the algorithms used in DNSSEC signatures?

In an October 2012 presentation to NANOG 56, Ed Lewis of Neustar dug into all these questions and more.  The slides make for interesting reading, particularly some of the details about which crypto algorithms were used and what key lengths were used.   He also looked at the frequency of key changes, key rollover processes and included a whole section on NSEC/NSEC3 records.

All in all an interesting set of data and some good recommendations around guidance that is needed for the industry.  Well worth your time to scan through the slide deck if you are interested in statistics around DNSSEC deployment.

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...

Join the conversation with Internet Society members around the world