You are here: Home > Publications > RIPE Labs

RIPE Labs

Articles RSS

Persistent DNS Connections for Reliability and Performance
Persistent DNS Connections for Reliability and Performance
Baptiste Jonglez — 20 Sep 2018

For decades, the Domain Name System (DNS) has relied on UDP as its transport protocol of choice, mostly because of its simplicity. New transports such as DNS-over-TLS and DNS-over-HTTPS are now gaining popularity: they offer increased privacy while preventing the use of the DNS as a DDoS attack vector. What may be less obvious is that they can also provide increased performance compared to UDP.… Read more

Researchers' first Encounter with the IETF Community: Measuring TCP, HTTP/2 and QUIC
Researchers' first Encounter with the IETF Community: Measuring TCP, HTTP/2 and QUIC
Torsten Zimmermann — 04 Sep 2018

As Ph.D. students, our typical encounter with the IETF community and their work is by stumbling over RFCs and Internet-Drafts that either relate to or are a fundamental basis for our research. Beyond that, for us, the Internet Engineering Task Force (IETF) has been a vague entity focused on standardisation. Therefore it was a great experience to attend the IETF 101 meeting in London earlier this year and to present our measurement results for TCP, HTTP/2 and QUIC at the Measurement and Analysis for Protocol Research Group (MAPRG)… Read more

Let's Connect! Easy to Install and Secure VPN Software that Respects your Privacy
Let's Connect! Easy to Install and Secure VPN Software that Respects your Privacy
Rogier Spoor — 03 Sep 2018

Going online on unknown Internet hotspots - whether at a restaurant, an airport or in a restaurant - isn't actually very safe or secure for users. This is due to the open character of hotspots which makes it easy to impersonate legitimate hotspots and eavesdrop on traffic - or even serve malware. The main aim of the Let's Connect! project is to develop a secure, fast and usable open-source VPN solution that can be used by anybody on all types of devices. Thanks to the RIPE NCC Community Projects Fund this important goal is getting within reach.… Read more

Tags: tools security
Passive Observations of Large DNS Service
Passive Observations of Large DNS Service
Wouter de Vries — 29 Aug 2018

In 2009, Google launched its Public DNS service, with its characteristic IP address 8.8.8.8. Since then, this service has grown to be the largest and most well-known DNS service in existence. Due to the centralisation that is caused by public DNS services, large content delivery networks (CDNs), such as Akamai, are no longer able to rely on the source IP of DNS queries to pinpoint their customers. Therefore, they are also no longer able to provide geobased redirection appropriate for that IP.… Read more

A Review of Blockchain Applicability to Internet Number Resources
A Review of Blockchain Applicability to Internet Number Resources
Marco Hogewoning — 27 Aug 2018

Blockchain technology is receiving a lot of attention these days as a solution in numerous application domains. Triggered by research proposals and discussions in a variety of forums, we got together with a number of RIPE NCC employees to look at blockchain and its applicability to registration of Internet number resources. From our analysis we conclude that there are a number of issues that, at least for now, mean there is no benefit to using blockchain technology in the registry system. … Read more

Sunrise DNS-over-TLS! Sunset DNSSEC?
Sunrise DNS-over-TLS! Sunset DNSSEC?
Willem Toorop — 23 Aug 2018

Is DNSSEC still needed when you get your DNS over TLS? DNSSEC's original design goals could also be met in a future DoT-only world. However, DNSSEC's aspirations have moved on with DANE. Unfortunately DNSSEC and DANE are hardly ever available at end-user devices. DoT brings liable delivery of DNS, which might make DNSSEC and DANE finally happen after all.… Read more

1...10 of 1012