Welcome

• Keith Mitchell (DNS-OARC)

DITL report

• Matthew Pounsett (DNS-OARC)

Intranet Redirect Detector or Pseudo Random Subdomain Attack? (Online Workshop)

• Duane Wessels (Verisign)

DNS query traffic received by root name servers include a significant amount of queries for random, single-label strings. These first appeared in 2011 and are attributed to a function in the Chrome browser source code, whose purpose is to detect NXDOMAIN "hijacking." In this presentation we show how the volume of these probe queries from Chrome have grown over time and now comprises nearly 50% of root server query traffic. We further show how the query patterns have changed over time, and that these queries can expose domain search list processing by resolvers.

DNSSEC in ORG with a dash of COVID (Online Workshop)

• Suzanne Woolf (PIR)

The ORG top-level domain was originally signed in 2009, and the parameters and infrastructure used to make that happen remain today, 11 years later, largely unchanged. Since then new algorithms have been standardised and implemented, and new weaknesses found, most recently in SHA-1. We started scoping our plans to revisit these decisions at the beginning of this year, around the time that the COVID-19 epidemic was recognised as a pandemic and as the global implications of that designation started to become clear. We will provide some insight into how some quite expansive plans for change in the ORG zone became scaled back as a consequence of this new viral world order and describe the reduced scope of what we expect to achieve this year. We still expect there to be opportunities for research and to need to ensure operational awareness of what we are doing, but perhaps with less drama and a plotline that will extend into next year.

USC/ISI's DIINER DNS and naming testbed (Online Workshop)

• Wes Hardaker (USC/ISI)

USC/ISI has recently received a grant from the NSF to stand up a DNS test-bed in parallel to our b.root-servers.net infrastructure. We're happy to announce that our infrastructure is ready for early-adopter use. During this talk we'll describe the architecture, our vision for it, what you (as a researcher) will have available to you when running experiments and our plans for the future. We'll highlight an early test case of the infrastructure comparing the results of running both bind and knot in parallel to server the root zone.

From lockdown and back: a DNS data story (Online Workshop)

• Sebastian Castro (InternetNZ)

Analyzing billions of DNS queries for the .nz ccTLD, we tell a story of fight against CoVid-19 including weeks of lockdown period, and how visible the changes in activity pattern were visible in the DNS

DNS stalking 2020 (Online Workshop)

• Geoff Huston (APNIC)

We look at recent observations of DNS replays as well as over time with names that include timestamps at the time of generation.