Abstract
A resilient Internet requires a resilient Domain Name System (DNS).
A resilient DNS ensures the continuous availability of many services and should withstand outages (e.g., power outages or cable cuts), attacks (e.g., DDoS), and technical disruptions while still maintaining integrity and confidentiality.
In this talk, we introduce the ISOC project to measure DNS resilience.
The Internet standards community (IETF) has published several operational best practices to improve DNS resilience, but operators must make their own decisions that tradeoff security, cost, and complexity. Since these decisions can impact the security of billions of Internet users, recently ICANN has proposed an initiative to codify best practices into a set of global norms to improve security: the Knowledge-Sharing and Instantiating Norms for DNS and Naming Security (KINDNS).
The goal of this project is to conduct an independent study on the measurable practices of the KINDNS framework, as well as other important DNS resilience practices. We aim to develop a DNS resilience observatory that collects information from public sources together with Internet-wide measurements to provide a longitudinal view of the evolution and adoption of DNS best practices globally.
In the early stages of this project, we would like to ask for feedback and contributions from the community.
Recording
Video will be added soon.
Speaker
Maynard Koch
I am a PhD student and research associate at the Chair of Distributed and Networked Systems at TU Dresden, supervised by Prof. Dr. Matthias Wählisch. Before joining TU Dresden, I graduated with a BSc and MSc in Computer Science from Freie Universität Berlin. My research focuses on Internet measurements to improve network security. I'm particularly interested in DNS and scalable IPv6 scanning.
Rate this talk
Rating will open: Monday, 18 May 2026 09:00 (+0100).