You are here: Home > Publications > RIPE Labs > Willem Toorop

Willem Toorop

04 Apr, 2018 11:36 AM
Sunrise DNS-over-TLS! Sunset DNSSEC? by Willem Toorop — last modified 29 Aug, 2018 04:30 PM

Is DNSSEC still needed when you get your DNS over TLS? DNSSEC's original design goals could also be met in a future DoT-only world. However, DNSSEC's aspirations have moved on with DANE. Unfortunately DNSSEC and DANE are hardly ever available at end-user devices. DoT brings liable delivery of DNS, which might make DNSSEC and DANE finally happen after all.

Hackathon @ Africa Internet Summit 2019 by Willem Toorop — last modified 09 Jul, 2019 11:28 AM

The ISOC African regional bureau has been organising hackathons at the last three editions of the Africa Internet Summit. This year we were given the opportunity to lead a track there at: "Measuring DNS and DoH". This is a report on the event and it's valuable and contributory outcome.

Measuring the Impact of DNS Flag Day by Willem Toorop — last modified 23 Aug, 2019 02:41 PM

DNS Flag Day was the result of a collaborative effort and agreement of DNS implementers and DNS resolver operators to commit to no longer providing workarounds for non-standards-compliant authoritative nameservers as of 1 February 2019. In the lead up to DNS Flag Day, and as part of the outreach, the focus for measurements has been the authoritative nameservers that needed to be fixed. In this post, we will take the other perspective and look at resolvers and resolver implementations — what was resolver behaviour on the Internet before DNS Flag Day, and how does the uptake of dropping workarounds disseminate in the wild?