News

DNS traffic encryption is all the rage, with standardisation, software and deployment advancing. But root server operators are questioning encryption for traffic going up to their servers. In a joint public statement of 31 March they declared they would not introduce encryption for the 13 root servers at this point in time. We asked the operators of root servers I and K, Lars-Johan Liman from Swedish operator Netnod and Kaveh Ranjibar from Ripe NCC, why root operators do not want to secure DNS queries by encryption.

Brussels, 19 May 2021 - CENTR, which represents European national top-level domain name registries (ccTLDs) such as .ie or .eu, has published a comment on the Proposal for a Directive on measures for a high common level of cybersecurity across the Union, repealing Directive (EU) 2016/1148 (also known as the NIS 2 Directive).

We are looking for a dedicated and highly motivated Policy Officer to join our small, fabulous team in Brussels and serve our international and multilingual membership who are at the core of the internet infrastructure.

In a nutshell: The European Commission unveiled its proposal on the Artificial Intelligence Act and the EU Strategy to tackle organised crime until 2025. ENISA published research directions for the EU digital strategic autonomy. The Council of Europe published a new draft text of the 2nd Additional Protocol to the Budapest Convention. The negotiators in the European Parliament and the Council of the EU reached a provisional agreement on temporary rules to detect and remove child abuse material. The European Parliament adopted TERREG.

As part of a European-funded project it is involved in, CENTR would be very grateful if European registries and registrars could help it in its research and fill in a survey on using eIDAS.

With the mushrooming deployment of encrypted DNS transport protocols like DNS over HTTPS (DoH) and DNS over TLS (DoT), one might be seduced into thinking that in-flight confidentiality of DNS queries is a problem done and dusted. A comprehensive modeling of the security threats, however, reveals otherwise.

CENTR, which represents European national top-level domain name registries such as .ie or .eu, has published a comment on the Proposal for a Regulation on a Single Market For Digital Services (Digital Services Act).

In a nutshell: The European Commission unveiled its Digital Targets for 2030. Four EU countries called for European digital sovereignty in a letter to the European Commission. The European Data Protection Supervisor issued an opinion on the Europol Regulation proposal and the NIS 2 Directive proposal. The European Court of Justice delivered a judgment about the admissibility of evidence in cases of access to electronic communications traffic and location data. The Council of the EU adopted conclusions on the EU cybersecurity strategy. The European Parliament adopted its resolution on the implementation of the GDPR. EUIPO published a discussion paper on challenges and good practices to prevent the misuse of domain names for IP infringements.

CENTR has published its Report on ICANN70, which took place virtually during the month of March 2021. This report focuses on the Country Code Names Supporting Organisation (ccNSO) and the Government Advisory Committee (GAC) sessions.

Discussed since the 1990s, the Domain Name System Security Extensions (DNSSEC) add authenticity to DNS records. To understand the current state of DNSSEC deployment, we interviewed Ulrich Wisser, who works at the Swedish Internet Foundation, a CENTR member that operates the .se top-level domain. We also discuss an Internet Draft co-authored by Ulrich Wisser that proposes an algorithm and a protocol to automate operations for multi-signer DNSSEC. The text has been edited for brevity and clarity.