A few random thoughts from my yesterday’s #Akkoma instance failure:
* Elixir libraries used by #Pleroma and #Akkoma suck at #IPv6 - this manifests by rather puzzling error messages like “I can’t resolve your Postgres server name” but it’s because it only resolves to AAAA, same for egress HTTP […]
Four times a year, strangers fly to a secure facility, enter a metal cage inside a signal-proof room, and turn keys in unison to keep the internet secure. New episode of Lore in the Machine 🎧
loreinthemachine.com/episodes/6-a-ritual-to-secure-the-internet #infosec #DNSSEC #cybersecurity #techhistory
PowerDNS DNSdist 1.9.12 and 2.0.3 Released (Security Release)
blog.powerdns.com/2026/03/31/p...
#dns #dnssec
Recap: EURALO Multilingual Read-Out ICANN85 — DNS abuse PDP, new #gTLD round (opens Apr 30), ICP-2 reform, #WSIS20, survivability, end-user legitimacy & more. #InternetGovernance #EURALO #DNSSEC #ICANN85 #UniversalAcceptance
open.substack.com/pub/isoclive...
ISC patches BIND 9.18.47, 9.20.21, and 9.21.20 to fix four vulnerabilities, including two high-severity flaws causing memory leaks and high CPU during DNSSEC processing. No known exploits reported. #BIND9 #DNSSEC #USA
NIST releases SP 800-81r3, the first major DNS security update since 2013. It mandates encrypted DNS for US federal agencies, promotes hybrid protective DNS, updates cryptographic algorithms, and enhances operational best practices. #US #DNSSEC
NIST updates its DNS security guidance for the first time in over a decade
📖 Read more: www.helpnetsecurity.com/2026/03/23/n...
#cybersecurity #cybersecuritynews #DNS #DNSSEC #securitystandard
NIST updates its DNS security guidance for the first time in over a decade DNS infrastructure underpins nearly every network connection an organization makes, yet security configurations for it hav...
#Don't #miss #News #cybersecurity #DNS #DNSSEC […]
[Original post on helpnetsecurity.com]
Weekend Reads
* Secure DNS deployment guide
nvlpubs.nist.gov/nistpubs/SpecialPublicat...
* Domain name renewals across ccTLDs
www.sidnlabs.nl/en/news-and-blogs/analys...
* Exposed API credentials on the web […]
RECAP - NextGen@ICANN85 Presentations open.substack.com/pub/isoclive... #ICANN85 #ICANNnextgen #InternetGovernance #UniversalAcceptance #IDN #DNSAbuse #DigitalInclusion #Internet4All #DNSSEC #E2EE
Weekend Reads
* Post-quantum RPKI framework
https://arxiv.org/abs/2603.06968
* DNSSEC negative trust anchors
quad9.net/news/blog/dnssec-ntas-no...
* AS112 deployment characteristics
0x03c0.com/files/pam26-as112-camera...
* Geoff Huston on […]
Test your domains #IPv6 #DNSSEC #security.txt #RPKI and more at kommunermedipv6.se/test.html
Test your Internet connection here test-ipv6.se
The image features a digital background with code and circuitry, prominently displaying the text "quad9" in the center.
DNSSEC Negative Trust Anchors: No Good Compromises => learn more about them and our new policy.
quad9.net/news/blog/dn...
#infosec #DNSSEC #transparency #security #DNS
DNSSEC-validatie verplicht vanaf 24 februari 2026
#Persbericht #Networking4all #SSL/TLScertificaten #DNSSEC #DNSSECcheckingtool #CertificateAuthorities #Domeincontrole #CertificateAuthorityAuthorization
The Underbar (the #perl podcast) has an interview with Olaf Kolkman about Perl and DNS and other things pca.st/episode/042e...
#dns #dnssec #ietf #icann
Massive update at kommunermedipv6.se - The Baltics, Benelux, the British Isles, and Poland have been added for #IPv6, #DNSSEC, security.txt, SPOF and #RPKI.
OMX Stockholm Large CAP with SPOF, IPv6, security.txt, and RPKI at lnkd.in/dueZyiY3.
Everything is available at lnkd.in/dW9Y-_2B
PowerDNS Authoritative Server 5.0.3 & 4.9.13 Released
blog.powerdns.com/2026/02/20/p...
#dns #dnssec
Inbound SMTP still vulnerable to downgrade & MITM attacks?
Then read this post for configuring inbound DANE + DNSSEC to enforcing TLS encryption
Covers prereqs, DNS config, validation & testing.
www.chanceofsecurity.com/post/how-to-...
#ExchangeOnline #DNSSEC #DANE #EmailSecurity #Microsoft365
Fixed a DNSSEC oopsie on my domains hofsted.it and blog.hofstede.it .. Now everything validates cleanly again ..
#selfhosting #devops #dns #dnssec
Email security isn’t magic, it’s layered building blocks.
This post breaks down these blocks, and shows how they work together to protect sender identity, DNS integrity, and SMTP transport.
🔗 chanceofsecurity.com/post/modern-...
#EmailSecurity #DMARC #DNSSEC #ExchangeOnline #MicrosoftSecurity #MS
PowerDNS Security Advisory 2026-01
(aka PowerDNS Recursor 5.1.10, 5.2.8 and 5.3.5 released)
blog.powerdns.com/2026/02/09/p...
#dns #dnssec
Estonia, Latvia, and Lithuania are now available on kommunermeddnssec.se and kommunermedipv6.se.
There are still some issues with domain names/geo data for Norway, Iceland, and the newly added countries, but that might be fixed tomorrow.
#IPv6 #DNSSEC
Enabling #DNSSEC is easy as cake with PowerDNS. Just a copy & paste to INWX’s domain management console and that’s it.
Enabling DANE for my e-mail server was easy afterwards as well. There is no reason today not to have it :-)
