Introducing DNSCrypt (Preview Release),by OpenDNS

"DNSCrypt and DNSSEC are complementary.  DNSSEC does a number of things.  First, it provides authentication. (Is the DNS record I'm getting a response for coming from the owner of the domain name I'm asking about or has it been tampered with?)  Second, DNSSEC provides a chain of trust to help establish confidence that the answers you're getting are verifiable.  But unfortunately, DNSSEC doesn't actually provide encryption for DNS records, even those signed by DNSSEC.  Even if everyone in the world used DNSSEC, the need to encrypt all DNS traffic would not go away. Moreover, DNSSEC today represents a near-zero percentage of overall domain names and an increasingly smaller percentage of DNS records each day as the Internet grows.  

That said, DNSSEC and DNSCrypt can work perfectly together.  They aren't conflicting in any way.  Think of DNSCrypt as a wrapper around all DNS traffic and DNSSEC as a way of signing and providing validation for a subset of those records.  There are benefits to DNSSEC that DNSCrypt isn't trying to address. In fact, we hope DNSSEC adoption grows so that people can have more confidence in the entire DNS infrastructure, not just the link between our customers and OpenDNS."

Source: OpenDNS.com

Read in full and download DNSCrypt

DNSSEC Update from ICANN 42 in Dakar

"Perhaps the most encouraging update came from CZ.NIC, the manager of Czech country-code top-level domain .cz, which has been aggressively promoting DNSSEC since 2009. According to CZ.NIC's Ondrej Filip, 17% of domains in the .cz zone are now signed. That's 145,000 domains, making .cz probably the most DNSSEC-saturated zone in both relative and absolute numbers."

circleid (full article)

The Economist: Accessories after the fact

That risks damaging the internet’s vital internal addressing system, which lets people use words instead of numbers to access websites. It also clashes with DNSSEC (don’t ask), a protocol that America has long championed to increase internet security. Messing with DNSSEC could create loopholes for hackers by allowing rogue websites to pose as legitimate ones. Savvy users (who do the most downloading) will be able to bypass these filters anyway. And the bill’s vague wording leaves open the possibility that American ISPs might have to institute more intrusive forms of filtering, with the costs, performance problems and privacy issues that would inevitably entail.

Full Article

P2P DNS – Taking ownership of the internet

"DNS is one of those core technologies on which the internet runs. For most end users, DNS is pretty much invisible until they want to register their first domain for their own websites. At that point, the concept of a domain registrar suddenly pops into view."

Read the entire article here.

Finland to launch improved Fi-domain name service

"Finland's telecom regulator Ficora announced that an upgraded fi-domain name service domain.fi will be launched soon. As a result of the launch process, applying for new fi-domain names or making changes to existing ones will not be possible from 17 September at 8:00hrs until 19 September at 10:00hrs.

The improved fi-domain name service offers users a more user-friendly way of applying for fi-domain names as well as for renewing, terminating and paying for them. At the same time, the system takes into consideration the modern requirements for electronic services better than before. The renewed service introduces the so-called DNSSec support to improve the information security of fi-domain names. The service also contains full IPv6 support, which is critical since it is believed that IPv6 connections will grow strongly in the future as available IPv4 addresses can no longer be assigned.

The improvements in the service contain added information on domain names for different user groups, such as companies, organisations and private persons. The service provides answers to such questions as who is entitled to apply for a domain name, to whom are fi-domain names granted, what can be registered as a domain name, what are domain names used for and the ways in which one can apply for a domain name.

The service has a specific section for service providers who can be authorised to apply for a domain name and assists domain name applicants in matters concerning the name server, server status and e-mail servers."

Source: Retrieved on Tuesday 13 September 2011 from telecompaper.com/news/finland-to-launch-improved-fi-domain-name-service