December 08, 2020 12:00PM
Good-bye ESNI, hello ECH!
A deep dive into the Encrypted Client Hello, a standard that encrypts privacy-sensitive parameters sent by the client, as part of the TLS handshake....
November 30, 2020 1:14PM
Improving the Resiliency of Our Infrastructure DNS Zone
We've improved the resiliency and management of our infrastructure DNS zone. In this post, we guide you through some of the "whats", "whys" and "hows" we encountered along the way....
November 13, 2020 7:06PM
SAD DNS Explained
Researchers from UC Riverside and Tsinghua University found a new way to revive a decade-old DNS cache poisoning attack. Read our deep dive into how the SAD DNS attack on DNS resolvers works, how we protect against this attack in 126.96.36.199, and what the future holds for DNS cache poisoning attacks....
October 30, 2020 12:00PM
Unwrap the SERVFAIL
We recently released a new version of Cloudflare Resolver, which adds a piece of information called “Extended DNS Errors” (EDE) along with the response code under certain circumstances. This will be helpful in tracing DNS resolution errors and figure out what went wrong behind the scenes....
October 02, 2020 8:35AM
DNS Flag Day 2020
Speed & Reliability
October 1 is DNS Flag Day, an initiative by the DNS community to make DNS more secure, reliable and robust. This year the focus is on problems around IP fragmentation of DNS packets....