22–23 Oct 2022 Workshop
Golden Tulip Zira
Europe/Belgrade timezone

Observable KINDNS: Validating DNS Hygiene

22 Oct 2022, 16:15
15m
Mykonos / Rodos (Golden Tulip Zira)

Mykonos / Rodos

Golden Tulip Zira

Ruzveltova 35 11000 Belgrade Republic of Serbia
Standard Presentation Main Session OARC 39 - D1

Speaker

Raffaele Sommese

Description

The Internet's naming system (DNS) is a hierarchically structured database, with hundreds of millions of domains in a radically distributed management architecture. The distributed nature of the DNS is the primary factor that allowed it to scale to its current size, but it also brings security and stability risks. The Internet standards community (IETF) has published several operational best practices to improve DNS resilience, but operators must make their own decisions that tradeoff security, cost, and complexity. Since these decisions can impact the security of billions of Internet users, recently ICANN has proposed an initiative to codify best practices into a set of global norms to improve security: the Knowledge-Sharing and Instantiating Norms for DNS and Naming Security (KINDNS). A similar effort for routing security -- Mutually Agreed Norms for Routing Security -- provided inspiration for this effort. The MANRS program encourages operators to voluntarily commit to a set of practices that will improve collective routing security -- a challenge when incentives to conform with these practices does not generate a clear return on investment for operators. One challenge for both initiatives is independent verification of conformance with the practices The KINDNS conversation has just started, and stakeholders are still debating what should be in the set of practices. At this early stage, we analyze possible best practices in terms of their measurability by third parties, including a review of DNS measurement studies and available data sets.

Presentation delivery In-person at the workshop venue

Primary authors

Raffaele Sommese Dr Mattijs Jonker (University of Twente) Prof. Kimberly Claffy (CAIDA/UCSD)

Presentation materials