DNSSEC - The Cloudflare Blog

Connection errors in Asia Pacific region on July 9, 2023

July 11, 2023 9:48AM

On July 9, 2023, users in the Asia Pacific region experienced connection errors due to origin DNS resolution failures to .com and .net TLD nameservers...

DNSSEC issues take Fiji domains offline

March 09, 2022 10:11AM

Cloudflare Radar Internet Traffic DNSSEC Outage

DNSSEC issues with the .fj ccTLD caused problems reaching websites on the island nation...

David Belson

Is BGP Safe Yet? No. But we are tracking it carefully

April 17, 2020 4:00PM

BGP Security RPKI DNSSEC

BGP leaks and leaks and hijacks have been accepted as an unavoidable part of the Internet for far too long. Today, we are releasing isBGPSafeYet.com, a website to track deployments and filtering of invalid routes by the major networks....

Louis Poinsignon

RFC8482 - Saying goodbye to ANY

March 15, 2019 5:01PM

DNS DNSSEC Security Speed & Reliability

Ladies and gentlemen, I would like you to welcome the new shiny RFC8482, which effectively deprecates DNS ANY query type. DNS ANY was a "meta-query" - think about it as a similar thing to the common A, AAAA, MX or SRV query types, but unlike these it wasn't a real query type - it was special....

Marek Majkowski

Cloudflare Registrar at three months

February 22, 2019 7:42PM

Registrar Product News DNSSEC Security

Starting today, we’re excited to make Cloudflare Registrar available to all of our customers. As part of this announcement, we’d like to share some insights and data about domain registration that we learned during the early access period....

Sam Rhea

January 16, 2019 5:01PM

One-Click DNSSEC with Cloudflare Registrar

When you launch your domain to the world, you rely on the Domain Name System (DNS) to direct your users to the address for your site. However, DNS cannot guarantee that your visitors reach your content because DNS, in its basic form, lacks authentication....

By

Sam Rhea

DNSSEC , DNS , Registrar , Product News , Security

September 18, 2018 2:00PM

Expanding DNSSEC Adoption

Cloudflare first started talking about DNSSEC in 2014 and at the time, Nick Sullivan wrote: “DNSSEC is a valuable tool for improving the trust and integrity of DNS, the backbone of the modern Internet.”...

By

Sergi Isasi
, Vicky Shrestha

Crypto Week , Security , DNSSEC , DNS , Product News

September 17, 2018 2:02PM

End-to-End Integrity with IPFS

This post describes how to use Cloudflare’s IPFS gateway to set up a website which is end-to-end secure, while maintaining the performance and reliability benefits of being served from Cloudflare’s edge network....

By

Brendan McMillion

Crypto Week , Security , IPFS , Universal SSL , SSL

September 17, 2018 2:01PM

Cloudflare goes InterPlanetary - Introducing Cloudflare’s IPFS Gateway

Today we’re excited to introduce Cloudflare’s IPFS Gateway, an easy way to access content from the the InterPlanetary File System (IPFS) that doesn’t require installing and running any special software on your computer....

By

Andy Parker

Crypto Week , Security , IPFS , Universal SSL , SSL

August 06, 2018 5:45PM

Additional Record Types Available with Cloudflare DNS

Cloudflare recently updated the authoritative DNS service to support nine new record types. Since these records are less commonly used than what we previously supported, we thought it would be a good idea to do a brief explanation of each record type and how it is used....

By

Sergi Isasi
, Etienne Labaume

Reliability , Speed & Reliability , DNS , DNSSEC , Product News

February 06, 2018 10:33PM

It’s Hard To Change The Keys To The Internet And It Involves Destroying HSM’s

The root of the DNS tree has been using DNSSEC to protect the zone content since 2010. DNSSEC is simply a mechanism to provide cryptographic signatures alongside DNS records that can be validated, i.e. prove the answer is correct and has not been tampered with....

By

Ólafur Guðmundsson

DNS , DNSSEC , Reliability

August 18, 2017 6:40PM

Broken packets: IP fragmentation is flawed

As opposed to the public telephone network, the internet has a Packet Switched design. But just how big can these packets be?...

By

Marek Majkowski

Developers , Reliability , TCP , DNSSEC , DNS

April 12, 2017 4:06PM

Changing Internet Standards to Build A Secure Internet

We’ve been working with registrars and registries in the IETF on making DNSSEC easier for domain owners, and over the next two weeks we’ll be starting out by enabling DNSSEC automatically for .dk domains....

By

Dani Grant

DNSSEC , Reliability , DNS , Security , IETF

June 24, 2016 5:31PM

Economical With The Truth: Making DNSSEC Answers Cheap

We launched DNSSEC late last year and are already signing 56.9 billion DNS record sets per day. At this scale, we care a great deal about compute cost....

By

Dani Grant

DNS , DNSSEC , Reliability , RRDNS , Salt