A Precise and Efficient Evaluation of the Proximity Between Web Clients and Their Local DNS Servers
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
A day at the root of the internet
ACM SIGCOMM Computer Communication Review
Deploying and Monitoring DNS Security (DNSSEC)
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
The collateral damage of internet censorship by DNS injection
ACM SIGCOMM Computer Communication Review
| Hi-index | 0.00 |
DNSSEC is a security extension that adds public-key signatures to the Domain Name System for the purpose of data authenticity and integrity. While DNSSEC signatures are being deployed on an increasing number of name servers, little is known about the deployment advancements of client-side DNSSEC validation. In this paper we present a methodology to determine whether a client is protected by DNSSEC validation. We applied our methodology over a period of 7 months collecting results from different data sources. After data cleaning, we gathered 131,320 results from 98,179 distinct IP addresses, out of which 4.8% had validation enabled. The ratio varies significantly per country, with Sweden, the Czech Republic and the United States having the largest ratios of validating clients in the field.