Public Workshop: Security and Privacy
- Geoff Huston (APNIC)
Matthew Pounsett (Rightside)
10/16/16, 2:00 PM
In the last year, Rightside has transferred in two signed TLDs: REISE in June of 2015, and JETZT in May of 2016. We believe these were the first two signed TLDs to ever go through a full inter-operator transfer (including NS change and key rolls). We anticipate this type of transfer will become more common in the next few years, and would like to share our experiences with the community.
Mr Christopher Baker (Dyn)
10/16/16, 2:30 PM
There are a number of free and commercial DNS performance comparison platforms publishing rankings and metrics. From free offerings such as DNSPerf and SolveDNS to commercial platforms such as CloudHarmony or Catchpoint. Each of these platforms measure DNS performance in their own way producing different results. What exactly are they measuring? When you look at a time series, where did the...
Ms Jaime Cochran (CloudFlare Inc.) , Mr Marek Vavrusa (CloudFlare Inc.)
10/16/16, 3:00 PM
Earlier this year we investigated a buffer overflow error in GNU libc DNS stub resolver code known as CVE-2015-7547. Similar to *"Ghost"* vulnerability in `gethostbyname()`, this vulnerability allows RCE in every application calling it, from SSH to browsers. This made it very dangerous in theory, but the exploitability was still an enigma. The disclosure mentioned a back of the envelope...