Paul Vixie - Benefits and Hazards of "Public" vs "Private" vs "Local" DNS

14:00
Thursday
4
Apr
2019
Organized by: 
L'équipe Keynote du LIG : Nicolas Peltier, Renaud Lachaize, Dominique Vaufreydaz
Speaker: 
Paul Vixie (Farsight Security)
Teams: 

 

Paul Vixie is an American computer scientist whose technical contributions include Domain Name System (DNS) protocol design and procedure, mechanisms to achieve operational robustness of DNS implementations, and significant contributions to open source software principles and methodology. He is currently the CEO of Farsight Security. He previously served as President, Chairman and Founder of Internet Systems Consortium (ISC), as President of MAPS, PAIX and MIBH, as CTO of Abovenet/MFN, and on the boards of several forprofit and non-profit companies. He served on the ARIN Board of Trustees from 2005 to 2013, as ARIN Chairman in 2008 and 2009, and was a founding member of ICANN Root Server System Advisory Committee (RSSAC) and ICANN Security and Stability Advisory Committee (SSAC). He operated the ISC's F-Root name server for many years, and is a member of Cogent's C-Root team. He is a sysadmin for Op-Sec-Trust. Vixie has been contributing to Internet protocols and UNIX systems as a protocol designer and software architect since 1980. He wrote Cron (for BSD and Linux), and is considered the primary author and technical architect of BIND 4.9 and BIND 8, and he hired many of the people who wrote BIND 9. He has authored or coauthored a dozen or so RFCs, mostly on DNS and related topics, and of Sendmail: Theory and Practice (Digital Press, 1994). His technical contributions include DNS Response Rate Limiting (RRL), DNS Response Policy Zones (RPZ), and Network Telemetry Capture (NCAP). He earned his Ph.D. from Keio University for work related to DNS and DNSSEC, and was named to the Internet Hall of Fame in 2014.

 

 

Réalisation technique : Antoine Orlandi | Tous droits réservés

 

Since commercialization and privatization of the Internet first began in the 1990's, there has been a steady push to move access side DNS (called "recursive") away from customer networks and towards first ISP's and later Cisco, Google, IBM, and Cloudflare. What are the real motives for this trend? What are the risks and costs, and who pays them? Dr. Vixie has worked in the DNS field since 1989 and has invented many of the monitoring and filtering capabilities now used by nearly all DNS services, and he will try to explain what's happening. Special attention will be paid to the new web-based "DNS over HTTP" or "DoH" protocol now being strongly pushed by Mozilla and others.