OARC 31 (Austin, TX, USA)

Name: OARC 31 (Austin, TX, USA)
Start: 2019-10-31T03:00:00-05:00
End: 2019-11-01T18:10:00-05:00
Location: JW Marriott Austin

31 October 2019 to 1 November 2019 AGM

JW Marriott Austin

America/Winnipeg timezone

OARC31 Presentation Videos available at https://youtube.com/DNS-OARC

OARC 31 Admin

On DNSSEC Negative Responses, Lies, and Zone Size Detection

1 Nov 2019, 12:00

30m

Griffin Hall (JW Marriott Austin)

Griffin Hall

JW Marriott Austin

110 E 2nd St Austin TX 78701 USA

No longer available: Standard Presentation Public Workshop

Casey Deccio (Brigham Young University)

The Domain Name System (DNS) Security Extensions (DNSSEC) introduced additional DNS records (NSEC or NSEC3 records) into negative DNS responses, which records can prove there is no translation for a queried domain name. We introduce a novel technique to estimate the size of a DNS zone by analyzing the NSEC3 records returned by only a small number of DNS queries issued. We survey the prevalence of the deployment of different variants of DNSSEC negative responses across a large set of DNSSEC-signed zones in the wild, and identify over 50% as applicable to our measurement technique. Of the applicable zones, we show that 99% are composed of fewer than 40 names.

Talk Duration	Lightning Talk 10 Minutes

Casey Deccio (Brigham Young University) Mr Jonathan Demke (Brigham Young University)

2019-11-01-dnssec-lies-oarc.pdf

2019-11-01-dnssec-lies-oarc.pptx

OARC 31 (Austin, TX, USA)

OARC 31 Admin

On DNSSEC Negative Responses, Lies, and Zone Size Detection

Griffin Hall

JW Marriott Austin

Speaker

Description

Primary authors

Presentation materials