Two new DNSSEC-validating DNS services launched

In recent weeks, two new DNS services for the general public have been launched, and both support DNSSEC validation.

In recent weeks, two new DNS services for the general public have been launched, and both support DNSSEC validation.

The first is Quad9, an industry consortium established by IBM, PCH and a long list of ICT security companies. Given the consortium's membership, it's no surprise that the service places particular emphasis on blocking referrals to domain names associated with abuse. Quad9 says that all query/response information will be retained — classified not by IP address but on the basis of geolocation — and shared with participants.

The second new DNS service is 1.1.1.1, an initiative by CDN provider Cloudflare and APNIC, the IP address administrator for the APAC region. The service is aimed explicitly at end users, with privacy protection as its central feature.

Manuals are available here [1, 2] for configuring a resolver running Unbound and configuring the 1.1.1.1 service on, respectively, Raspberry Pi and the OpenWrt platform. Those mini-systems are therefore now part of the same family as the Valibox, a device that lets end users immediately enable end-to-end DNSSEC validation on their wireless home/office networks.

Google's Public DNS and OpenDNS

With the new DNS services up and running, there are now two DNSSEC-validating alternatives to Google's Public DNS, which (temporarily) logs users' IP addresses, for example.

The fourth major public DNS service is OpenDNS, a commercial service now under the Cisco umbrella, which doesn't support DNSSEC validation.

Comments

  • Wednesday 21 March 2018

    Knowledge

    Webinar about the implications of the GDPR for domain name registration

    Thumb-webinar-blue

    5 April 2018, 15:30 to 17:00 (CEST)

    Read more
  • Thursday 11 July 2019

    DNSSEC

    New incentives for security standards DNSSEC and DANE

    Thumb-padlock-icon-with-smile

    A DNSSEC/DANE medley

    Read more
  • Tuesday 25 September 2018

    .nl domain name

    ACM becomes first government agency that can order SIDN to take down domain names

    Thumb-ACM

    We welcome the change

    Read more

Sorry

Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.