DNSSEC - The Cloudflare Blog

DNSSEC issues take Fiji domains offline

March 09, 2022 10:11AM

DNSSEC issues with the .fj ccTLD caused problems reaching websites on the island nation...

David Belson

Is BGP Safe Yet? No. But we are tracking it carefully

April 17, 2020 4:00PM

BGP Security RPKI DNSSEC

BGP leaks and leaks and hijacks have been accepted as an unavoidable part of the Internet for far too long. Today, we are releasing isBGPSafeYet.com, a website to track deployments and filtering of invalid routes by the major networks....

Louis Poinsignon

RFC8482 - Saying goodbye to ANY

March 15, 2019 5:01PM

DNS DNSSEC Security Speed & Reliability

Ladies and gentlemen, I would like you to welcome the new shiny RFC8482, which effectively deprecates DNS ANY query type. DNS ANY was a "meta-query" - think about it as a similar thing to the common A, AAAA, MX or SRV query types, but unlike these it wasn't a real query type - it was special....

Marek Majkowski

Cloudflare Registrar at three months

February 22, 2019 7:42PM

Registrar Product News DNSSEC Security

Starting today, we’re excited to make Cloudflare Registrar available to all of our customers. As part of this announcement, we’d like to share some insights and data about domain registration that we learned during the early access period....

Sam Rhea

One-Click DNSSEC with Cloudflare Registrar

January 16, 2019 5:01PM

DNSSEC DNS Registrar Product News Security

When you launch your domain to the world, you rely on the Domain Name System (DNS) to direct your users to the address for your site. However, DNS cannot guarantee that your visitors reach your content because DNS, in its basic form, lacks authentication....

Sam Rhea

September 18, 2018 2:00PM

Expanding DNSSEC Adoption

Cloudflare first started talking about DNSSEC in 2014 and at the time, Nick Sullivan wrote: “DNSSEC is a valuable tool for improving the trust and integrity of DNS, the backbone of the modern Internet.”...

By

Sergi Isasi
, Vicky Shrestha

Crypto Week , Crypto , Security , DNSSEC , DNS

September 17, 2018 2:02PM

End-to-End Integrity with IPFS

This post describes how to use Cloudflare’s IPFS gateway to set up a website which is end-to-end secure, while maintaining the performance and reliability benefits of being served from Cloudflare’s edge network....

By

Brendan McMillion

Crypto Week , Crypto , Security , IPFS , Universal SSL

September 17, 2018 2:01PM

Cloudflare goes InterPlanetary - Introducing Cloudflare’s IPFS Gateway

Today we’re excited to introduce Cloudflare’s IPFS Gateway, an easy way to access content from the the InterPlanetary File System (IPFS) that doesn’t require installing and running any special software on your computer....

By

Andy Parker

Crypto Week , Crypto , Security , IPFS , Universal SSL

August 06, 2018 5:45PM

Additional Record Types Available with Cloudflare DNS

Cloudflare recently updated the authoritative DNS service to support nine new record types. Since these records are less commonly used than what we previously supported, we thought it would be a good idea to do a brief explanation of each record type and how it is used....

By

Sergi Isasi
, Etienne Labaume

Reliability , Speed & Reliability , DNS , DNSSEC , Product News

February 06, 2018 10:33PM

It’s Hard To Change The Keys To The Internet And It Involves Destroying HSM’s

The root of the DNS tree has been using DNSSEC to protect the zone content since 2010. DNSSEC is simply a mechanism to provide cryptographic signatures alongside DNS records that can be validated, i.e. prove the answer is correct and has not been tampered with....

By

Ólafur Guðmundsson

DNS , DNSSEC , Reliability

August 18, 2017 6:40PM

Broken packets: IP fragmentation is flawed

As opposed to the public telephone network, the internet has a Packet Switched design. But just how big can these packets be?...

By

Marek Majkowski

Developers , Reliability , TCP , DNSSEC , DNS

April 12, 2017 4:06PM

Changing Internet Standards to Build A Secure Internet

We’ve been working with registrars and registries in the IETF on making DNSSEC easier for domain owners, and over the next two weeks we’ll be starting out by enabling DNSSEC automatically for .dk domains....

By

Dani Grant

DNSSEC , Reliability , DNS , Security , IETF

June 24, 2016 5:31PM

Economical With The Truth: Making DNSSEC Answers Cheap

We launched DNSSEC late last year and are already signing 56.9 billion DNS record sets per day. At this scale, we care a great deal about compute cost....

By

Dani Grant

DNS , DNSSEC , Reliability , NXDOMAIN , RRDNS

May 09, 2016 11:47PM

python-cloudflare

Very early on in the company’s history we decided that everything that CloudFlare does on behalf of its customer-base should be controllable via an API. In fact, when you login to the CloudFlare control panel, you’re really just making API calls to our backend services....

By

Martin J Levy

API , WAF Rules , WAF , DNSSEC , DNS