Authors

Stéphane Bortzmeyer

Based in Paris (France)

13

Articles

40

Likes on articles

About the author

I work at AFNIC (the registry of .fr domain names), in the R&D department, on, among other things, DNS, security, statistics.

• On The State of Reverse DNS by Arnold Dechamps

I like the IP address 2610:a1:1072::1:42 since the name is an IDN. But, alas, no DNSSEC.

• On A Quantum-Safe Cryptography DNSSEC Testbed by Caspar Schutijser

"They may also receive more spam and phishing e-mails, since modern e-mail security protocols rely on DNSSEC as well." I would like to see email servers use SPF, DKIM and DMARC records only if they have been validated with DNSSEC but I strongly doubt it is the case today.

• On The Need for Programmability in Routing Protocols by Thomas Wirtgen

Developping something new (no installed base) and mission-critical in C, today, is a bit strange. Why not using a safer language?

• On DNSSEC and Zone Transfers: What You Need to Know by Lars-Johan Liman

Nice and useful article. For OpenDNSSEC, the important parameter is named Jitter and is enabled by default. Check that you have something like "<Policy name="default">...<Signatures>... <Jitter>PT12H</Jitter>" It would be nice to document here how it is done for other signing programs.

• On Extended DNS Errors: Unlocking the Full Potential of DNS Troubleshooting by Yevheniya Nosyk

Great survey, thanks for this work. Indeed, the variations in EDE are funny. For bogus.bortzmeyer.fr, Unbound (and 1.1.1.1) say "9 (DNSKEY Missing)", 9.9.9.9 say "10 (RRSIGs Missing)" and Knot-Resolver say "12 (NSEC Missing)"

• On A Carbon-Aware Internet with the Green Web Foundation by Michelle Thorne

"The IP to CO2 Intensity API allows you to query an IP address" The second link actually goes to a service that takes a host name, not an IP address.

• On Approaching the IETF - A View from Civil Society by Dan Sexton

A good thing about the IETF is that it is open and discussions are public so here is the link to the discussion inside the IETF about this article: https://mailarchive.ietf.org/arch/msg/ietf/M2vDMHuj063n5jvcUydcr0oRWy0/

• On Approaching the IETF - A View from Civil Society by Dan Sexton

I was at the same side meeting and had a different impression. My article in French: https://www.bortzmeyer.org/filtrage-vie-privee.html

• On How to Ensure Robust DNS Services for the Public Sector by Robert Allen

Interesting and timely since, in the last two weeks, at least five domains of important public services in France have been down. At least four of them had poor DNS hosting (only two unicast authoritative name servers, sometimes in the same physical location). My report (in French): https://www.bortzmeyer.org/service-public-impots-dns.html

• On SAV: Why Is Source Address Validation Still a Problem? by Qasim Lone

You do not mention the use of RIPE Atlas probes. Is the user tag "iwantbcp38compliancetesting" still useful/used?

Showing 51 comment(s)

Previous
1 2 3 4 5 6
Next