It’s a very busy first day for the Deploy360 team at IETF 95 in Buenos Aires with our focus areas of IPv6, DNSSEC, securing BGP and TLS all having sessions during the day. Throughout this week at IETF 95 we’ll be bringing you these daily blog posts that point out what we are focused on during Read more…

Next week is IETF 95 in Buenos Aires which is not only the first to be held in Argentina, but also the first to be held in Latin America. Although it’ll just be Megan Kruse and Dan York on-site this time from Deploy360 due to an overlap with ION Bangladesh/bdNOG 5, if you have any questions about Deploy360 or ideas Read more…

Today and tomorrow you have a great opportunity to listen to some of the newest research into the Domain Name System (DNS) operations and security through the live video stream of the 24th meeting of the DNS Operations Analysis and Research Center (DNS-OARC). You can watch live at: https://www.youtube.com/c/DnsoarcNetPlus/live and view the past recordings on Read more…

How do we make DNSSEC even more secure through the use of elliptic curve cryptography?  What are the advantages of algorithms based on elliptic curves?  And what steps need to happen to make this a reality?  What challenges lie in the way? Over the past few months we’ve been discussing these questions within the community Read more…

Last week the island country of Madagascar became the latest country-code top-level domain (ccTLD) to sign their .MG domain with DNSSEC.  As we note in the steps for signing a domain, having a signed TLD is critical so that your domain can tie into the global “chain of trust” that provides the added security of Read more…

LACNIC is organizing a “IPv6 Troubleshooting for Helpdesks” webinar that will take place today, 23rd March 2016 at 15.00 UYT (UTC -3) through Webex. The main theme of the webinar is how ISP helpdesks can use the RIPE-631 Best Current Operational Practice document and associated online tools to troubleshoot and fix IPv6 issues. The webinar will be lead Read more…

Early last week, Let’s Encrypt issued its one millionth certificate, a impressive achievement considering it only entered its public beta phase just over three months ago. Let’s Encrypt is a new trusted Certificate Authority (CA) offering free digital certificates used for securing servers for use with TLS applications such as secure web browsing and online financial transactions. In fact, the Read more…

It’s worth pointing out the announcement from the RIPE NCC last week, that they reached the milestone of 10,000 Local Internet Registries (LIRs) having receiving IPv6 addresses. This leaves around 3,000 LIRs that still only have IPv4 addresses, although the uptake of IPv6 addresses has increased substantially since mid-2012. In the way RIPE NCC is structured, the “LIRs” Read more…

In the first part of our blog on testing the Let’s Encrypt certificates for mail servers and adding extra security with DANE TLSA records, we focused on how to deal with the default behaviour of the Let’s Encrypt client on Linux. This generates a new underlying key and certificate request every time we renew the Read more…

Want to learn about DNSSEC and how it helps add a layer of trust to DNS? Puzzled by how this all works?   If so, please join us today from 16:45 to 18:15 UTC for “DNSSEC for Everybody: A Beginner’s Guide” streaming live out of Marrakech, Morocco, in both audio and video on links found off Read more…