1. The DNS is widely used but lacks security measures like encryption, making it easy to monitor users' activities and inject false responses.
2. Efforts to add authenticity through DNSSEC have had limited success due to technical challenges and lack of adoption.
3. The DNS is increasingly being used for application-level functions through extensions, but this increases the privacy risks as DNS queries reveal more user intentions.
4. Solutions exist like DNS over TLS and DNS over HTTPS to provide encryption, but full deployment faces economic and technical barriers, risking further fragmentation of the DNS.
APNIC Chief Scientist Geoff Huston and João Damas present on metrics on DNS centrality, focusing their research on resolvers at RIPE 82, held online from 17 to 21 May 2021.
ICANN DNS Symposium 2021: Measuring Recursive Resolver CentralityAPNIC
APNIC Chief Scientist Geoff Huston and João Damas presented metrics on DNS centrality, focusing their research on resolvers at the ICANN DNS Symposium 2021, held online from 25 to 27 May 2021.
2nd ICANN APAC-TWNIC Engagement Forum: DNS OblivionAPNIC
APNIC Chief Scientist Geoff Huston gives an overview of the complex many-layered model of DNS security, and a new emerging world of choices for protecting traffic, hiding queries, and the future trends in ISP provided, and independent third-party DNS services at the 2nd ICANN APAC-TWNIC Engagement Forum, held from 15 to 16 April 2021.
APNIC Chief Scientist Geoff Huston and João Damas present on metrics on DNS centrality, focusing their research on resolvers at RIPE 82, held online from 17 to 21 May 2021.
ICANN DNS Symposium 2021: Measuring Recursive Resolver CentralityAPNIC
APNIC Chief Scientist Geoff Huston and João Damas presented metrics on DNS centrality, focusing their research on resolvers at the ICANN DNS Symposium 2021, held online from 25 to 27 May 2021.
2nd ICANN APAC-TWNIC Engagement Forum: DNS OblivionAPNIC
APNIC Chief Scientist Geoff Huston gives an overview of the complex many-layered model of DNS security, and a new emerging world of choices for protecting traffic, hiding queries, and the future trends in ISP provided, and independent third-party DNS services at the 2nd ICANN APAC-TWNIC Engagement Forum, held from 15 to 16 April 2021.
Rolling the Root Zone DNSSEC Key Signing Key, by Edward Lewis.
A presentation given at APNIC 42's DNS and INR Security session on Monday, 3 October 2016.
How Greta uses NATS to revolutionize data distribution on the InternetApcera
Dennis Mårtensson is the CTO and co-founder of Greta, a Swedish startup that wants to change the way content is delivered on the internet. Greta has developed a technology for peer-to-peer content delivery over webRTC and are using NATS to create rapid webRTC signaling.
You can learn more about NATS at http://www.nats.io. You can learn more about Greta at https://greta.io/
APNIC Chief Scientist Geoff Huston briefly explains DNSSEC and the role of the KSK, and the way in which we can measure the possible impact of this planned roll.
William Brander and Sean Farmar show how the monitoring game changes when a system becomes distributed and you start delving into the world of microservices.
Learn:
* Why monitoring changes in distributed systems
* A monitoring philosophy that ensures all bases are covered
* The aspects of monitoring that affect asynchronous messaging systems
APNIC Chief Scientist, Geoff Huston, gives a presentation on DOH and the changing nature of the DNS as infrastructure at NZNOG 2020 in Christchurch, New Zealand, from 28 to 31 January 2020.
Many applications are network I/O bound, including common database-based applications and service-based architectures. But operating systems and applications are often untuned to deliver high performance. This session uncovers hidden issues that lead to low network performance, and shows you how to overcome them to obtain the best network performance possible.
How Tencent Applies Apache Pulsar to Apache InLong —— A Streaming Data Integr...StreamNative
As the largest provider of Internet products and services in China, Tencent serves billions of users across the world. Such huge number of users has brought unprecedented value to the big data generated.
Serves as the front line of Tencent Big Data, Apache InLong is a one-stop streaming data integration solution which is mainly responsible for data collection, distribution, preprocessing and management.
Apache InLong choose pulsar as its data middleware for its high reliability and other capabilities like multi-tenancy, read-write separation, cross-regional replication and flexible fault tolerance.
Tencent Big Data Team will share their journal of adopting Pulsar in their core data engine to process tens of billions of data integration. Besides, some problems they encountered during the process and the improvements on pulsar they have made will also be shared as an example for future Pulsar users.
Presentation on 'The Path to Resolverless DNS' by Geoff HustonAPNIC
Presentation on 'The Path to Resolverless DNS' by Geoff Huston for OARC 39 and 47th CENTR technical workshop, held in Belgrade on 22 and 23 October 2022
Rolling the Root Zone DNSSEC Key Signing Key, by Edward Lewis.
A presentation given at APNIC 42's DNS and INR Security session on Monday, 3 October 2016.
How Greta uses NATS to revolutionize data distribution on the InternetApcera
Dennis Mårtensson is the CTO and co-founder of Greta, a Swedish startup that wants to change the way content is delivered on the internet. Greta has developed a technology for peer-to-peer content delivery over webRTC and are using NATS to create rapid webRTC signaling.
You can learn more about NATS at http://www.nats.io. You can learn more about Greta at https://greta.io/
APNIC Chief Scientist Geoff Huston briefly explains DNSSEC and the role of the KSK, and the way in which we can measure the possible impact of this planned roll.
William Brander and Sean Farmar show how the monitoring game changes when a system becomes distributed and you start delving into the world of microservices.
Learn:
* Why monitoring changes in distributed systems
* A monitoring philosophy that ensures all bases are covered
* The aspects of monitoring that affect asynchronous messaging systems
APNIC Chief Scientist, Geoff Huston, gives a presentation on DOH and the changing nature of the DNS as infrastructure at NZNOG 2020 in Christchurch, New Zealand, from 28 to 31 January 2020.
Many applications are network I/O bound, including common database-based applications and service-based architectures. But operating systems and applications are often untuned to deliver high performance. This session uncovers hidden issues that lead to low network performance, and shows you how to overcome them to obtain the best network performance possible.
How Tencent Applies Apache Pulsar to Apache InLong —— A Streaming Data Integr...StreamNative
As the largest provider of Internet products and services in China, Tencent serves billions of users across the world. Such huge number of users has brought unprecedented value to the big data generated.
Serves as the front line of Tencent Big Data, Apache InLong is a one-stop streaming data integration solution which is mainly responsible for data collection, distribution, preprocessing and management.
Apache InLong choose pulsar as its data middleware for its high reliability and other capabilities like multi-tenancy, read-write separation, cross-regional replication and flexible fault tolerance.
Tencent Big Data Team will share their journal of adopting Pulsar in their core data engine to process tens of billions of data integration. Besides, some problems they encountered during the process and the improvements on pulsar they have made will also be shared as an example for future Pulsar users.
Presentation on 'The Path to Resolverless DNS' by Geoff HustonAPNIC
Presentation on 'The Path to Resolverless DNS' by Geoff Huston for OARC 39 and 47th CENTR technical workshop, held in Belgrade on 22 and 23 October 2022
Domain Name System and Dynamic Host Configuration Protocol.pptxUsmanAhmed269749
Introduction to DNS and DHCP. The presentations highlights the introduction of Domain name System and Dynamic Host Configuration Protocol. These are essential study part in computer networking
23rd PITA AGM and Conference: DNS Security - A holistic view APNIC
Security Specialist Jamie Gillespie presents on DNS Security, examining the complex interactions of this system, from domain registration to name resolution, the security risks of each component, and the mitigation options currently available at 23rd PITA AGM and Annual Conference in Nadi, Fiji from 8 to 12 April 2019.
The Domain Name System (DNS) is a critical part of Internet infrastructure and the largest distributed Internet directory service. DNS translates names to IP addresses, a required process for web navigation, email delivery, and other Internet functions. However, the DNS infrastructure is not secure enough unless the security mechanisms such as Transaction Signatures (TSIG) and DNS Security Extensions (DNSSEC) are implemented. To guarantee the availability and the secure Internet services, it is important for networking professionals to understand DNS concepts, DNS Security, configurations, and operations.
This course will discuss the concept of DNS Operations in detail, mechanisms to authenticate the communication between DNS Servers, mechanisms to establish authenticity, and integrity of DNS data and mechanisms to delegate trust to public keys of third parties. Participant will be involved in Lab exercises and do configurations based on number of scenarios.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...APNIC
Chimi Dorji, Internet Resource Analyst at APNIC, presented on Registry Data Accuracy Improvements at SANOG 41 jointly held with INNOG 7 in Mumbai, India from 25 to 30 April 2024.
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
Sunny Chendi, Senior Advisor, Membership and Policy at APNIC, presents 'APNIC Policy Roundup' at the 5th ICANN APAC-TWNIC Engagement Forum and 41st TWNIC OPM in Taipei, Taiwan from 23 to 24 April.
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
Dave Phelan, Senior Network Analyst/Technical Trainer at APNIC, presents 'DDoS In Oceania and the Pacific' at NZNOG 2024 held in Nelson, New Zealand from 8 to 12 April 2024.
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
Geoff Huston, Chief Scientist at APNIC deliver keynote presentation on the 'Future Evolution of the Internet' at the Everything Open 2024 conference in Gladstone, Australia from 16 to 18 April 2024.
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
Paul Wilson, Director General of APNIC delivers a presentation on IP addressing and IPv6 to the Policymakers Program during IETF 119 in Brisbane Australia from 16 to 22 March 2024.
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
Tom Harrison, Product and Delivery Manager at APNIC presents at the Registration Protocols Extensions working group during IETF 119 in Brisbane, Australia from 16-22 March 2024
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
Che-Hoo Cheng, Senior Director, Development at APNIC presents on the "Benefits of doing Internet peering and running an Internet Exchange (IX)" at the Communications Regulatory Commission of Mongolia's IPv6, IXP, Datacenter - Policy and Regulation International Trends Forum in Ulaanbaatar, Mongolia on 7 March 2024
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
APNIC Senior Advisor, Membership and Policy, Sunny Chendi presented on APNIC updates and RIR Policies for ccTLDs at APTLD 85 in Goa, India from 19-22 February 2024.
Lao Digital Week 2024: It's time to deploy IPv6APNIC
APNIC Development Director Che-Hoo Cheng presents on the importance of deploying IPv6 at the Lao Digital Week 2024, held in Vientiane, Lao PDR from 10 to 14 January 2024.
APNIC Chief Scientist Geoff Huston presents on the increasing adoption of privacy-related mechanisms that obscure how the network can observe user traffic at AINTEC 2023, held in Bangkok, Thailand from 12 to 14 December 2023.
Understanding User Behavior with Google Analytics.pdfSEO Article Boost
Unlocking the full potential of Google Analytics is crucial for understanding and optimizing your website’s performance. This guide dives deep into the essential aspects of Google Analytics, from analyzing traffic sources to understanding user demographics and tracking user engagement.
Traffic Sources Analysis:
Discover where your website traffic originates. By examining the Acquisition section, you can identify whether visitors come from organic search, paid campaigns, direct visits, social media, or referral links. This knowledge helps in refining marketing strategies and optimizing resource allocation.
User Demographics Insights:
Gain a comprehensive view of your audience by exploring demographic data in the Audience section. Understand age, gender, and interests to tailor your marketing strategies effectively. Leverage this information to create personalized content and improve user engagement and conversion rates.
Tracking User Engagement:
Learn how to measure user interaction with your site through key metrics like bounce rate, average session duration, and pages per session. Enhance user experience by analyzing engagement metrics and implementing strategies to keep visitors engaged.
Conversion Rate Optimization:
Understand the importance of conversion rates and how to track them using Google Analytics. Set up Goals, analyze conversion funnels, segment your audience, and employ A/B testing to optimize your website for higher conversions. Utilize ecommerce tracking and multi-channel funnels for a detailed view of your sales performance and marketing channel contributions.
Custom Reports and Dashboards:
Create custom reports and dashboards to visualize and interpret data relevant to your business goals. Use advanced filters, segments, and visualization options to gain deeper insights. Incorporate custom dimensions and metrics for tailored data analysis. Integrate external data sources to enrich your analytics and make well-informed decisions.
This guide is designed to help you harness the power of Google Analytics for making data-driven decisions that enhance website performance and achieve your digital marketing objectives. Whether you are looking to improve SEO, refine your social media strategy, or boost conversion rates, understanding and utilizing Google Analytics is essential for your success.
2.Cellular Networks_The final stage of connectivity is achieved by segmenting...JeyaPerumal1
A cellular network, frequently referred to as a mobile network, is a type of communication system that enables wireless communication between mobile devices. The final stage of connectivity is achieved by segmenting the comprehensive service area into several compact zones, each called a cell.
Italy Agriculture Equipment Market Outlook to 2027harveenkaur52
Agriculture and Animal Care
Ken Research has an expertise in Agriculture and Animal Care sector and offer vast collection of information related to all major aspects such as Agriculture equipment, Crop Protection, Seed, Agriculture Chemical, Fertilizers, Protected Cultivators, Palm Oil, Hybrid Seed, Animal Feed additives and many more.
Our continuous study and findings in agriculture sector provide better insights to companies dealing with related product and services, government and agriculture associations, researchers and students to well understand the present and expected scenario.
Our Animal care category provides solutions on Animal Healthcare and related products and services, including, animal feed additives, vaccination
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfFlorence Consulting
Quattordicesimo Meetup di Milano, tenutosi a Milano il 23 Maggio 2024 dalle ore 17:00 alle ore 18:30 in presenza e da remoto.
Abbiamo parlato di come Axpo Italia S.p.A. ha ridotto il technical debt migrando le proprie APIs da Mule 3.9 a Mule 4.4 passando anche da on-premises a CloudHub 1.0.
3. Why pick on the DNS?
The DNS is used by everyone and everything
• Because pretty much everything you do on the net starts with a call to
the DNS
• If we could see your stream of DNS queries in real time we could easily
assemble a detailed profile of you and your interests and activities -
as it happens!
4. Why pick on the DNS?
The DNS is very easy to tap and tamper
• DNS queries are open and unencrypted
• DNS payloads are not secured and tampering cannot be readily detected
• DNS responses are often predictable and false answers can be injected
5. Why pick on the DNS?
The DNS is hard for users to trace
• Noone knows exactly where their queries go
• Noone can know precisely where their answers come from
6. What are we doing about
this?
I’d like to look at this question by grouping our
responses into three areas of activity:
1. Adding authenticity to the DNS
2. Increasing the reliance on the DNS for application level
rendezvous functions
3. Plugging DNS information leaks
7. 1. Adding authenticity to the DNS
2. Increasing the reliance on the DNS for application
level rendezvous functions
3. Plugging DNS information leaks
8. How can you trust the DNS
answer?
• Send your query to the “right” IP address and you will get the “right
answer!
Or
• Request a digital signature along with the DNS answer and validate
the answer using a pre-provisioned trusted key (DNSSEC)
8
9. How can you trust the DNS
answer?
• Send your query to the “right” IP address and you will get the “right
answer!
Or
• Request a digital signature along with the DNS answer and validate
the answer using a pre-provisioned trusted key (DNSSEC)
9
Nope! No good!
So this must be the ‘right’ answer – yes?
So, lets all use DNSSEC! Yes?
11. Is DNSSEC being used?
Yes and No!
11
Who validates DNS responses?
https://stats.labs.apnic.net/dnssec
12. Is DNSSEC being used?
Yes and No!
12
2014 2016 2018 2020
Who validates DNS responses?
22% of users are behind
DNSSEC-validating resolvers
who will not resolve a badly
signed DNS name
https://stats.labs.apnic.net/dnssec/XA
13. Is DNSSEC being used?
Yes and No!
13
Who signs DNS Zones?
Public data on the DNSSEC zone signing rate
is hard to define, and even harder to come by!
?
14. Problems with DNSSEC
14
• Large DNS responses cause robustness issues for DNS
• Getting large responses through the network has reliability issues with UDP packet
fragmentation and timing issues with signalled cut-over to TCP
• The validator has to perform a full backtrace query sequence to assemble the full
DNSSEC signature chain
• So the problem is that DNSSEC validation may entail a sequence of queries where
each of the responses may require encounter UDP fragmentation packet loss
• And cryptographically stronger keys tend to be bigger keys over time, so
this issue is not going away!
• The stub-to-recursive hop is generally not using validation, so the user ends
up trusting the validating recursive resolver in any case, so the current
DNSSEC framework represents a lot of effort for only a marginal gain
15. Are we getting better at DNSSEC?
There is still a lot of room to improve our DNSSEC story
• Reducing validation-chain query delays using DNSSEC Chain responses?
• Using “denser” crypto algorithms to limit key and signature sizes?
• Using TCP for DNSSEC queries?
• NSEC3? Really?
• NSEC5? YMBK!
15
16. Authenticity in the DNS
• DNSSEC Validation cannot not prevent DNS eavesdropping,
interception or tampering – all it can do is withhold DNS responses
that are not “genuine”
• DNSSEC adoption is a trade-off in terms of additional costs of added
points of fragility, added delay and load points balanced against the
increased assurance of being able to place trust that the DNS
responses are authentic
16
17. 1. Adding authenticity to the DNS
2. Increasing the reliance on the DNS for application
level rendezvous functions
3. Plugging DNS information leaks
18. It used to be so simple
• Query the DNS with a DNS service name
• Get a response with the IP host address where the service is located
• Use the application to negotiate a service session with the addressed
host
• All services that share a common name share a common IP host
address
18
19. But we wanted more:
We wanted to make a distinction between the service name and the
platform that hosted the service
• We wanted to have different services accessible using the same service name
• We wanted a collection of platforms to deliver the service associated with a
single service name
• We wanted to outsource different services to different service providers
• We wanted to steer the user to the “right” service provider for each user
• And we wanted it to be FAST!
• The concept of “go anywhere first and get redirected to an optimal service delivery
point” is considered to be not FAST
19
20. So we added Bells and Whistles
Place all of this optimisation into the DNS by:
• Mapping the service names to host names
• CNAME, DNAME and ANAME
• None of these are very satisfactory!
• The SRV record
• It’s either a swiss army knife or a chain saw massacre!
• Add the service name (port) and protocol (transport) to the service name and use this as
the query
• And get the DNS response to come back with a collection of service delivery points
• The Client Subnet query extension
• Tag the query with the querier to permit tailoring of the service response in the DNS
rather than in the application
20
21. More Bells (and Whistles!)
SVCB and HTTPSSVC Resource Records
• The “mega” response that can provide Application Level Protocols, IPv4 and
IPv6 addresses, ESNI key, priority
• Oh, and yes, there is an “alias form” that allows alias mapping at a zone apex
21
22. It’s faster, but…
• But as we add more instrumentation to the DNS, it becomes a generic
rendezvous tool, where a client forms a query based on an intended
service access and the DNS response provides a set of service
connection parameters that is potentially tailored to optimise the
delivered service
• This means that real time knowledge of a user’s DNS queries is
synonymous to knowledge of a users immediate intentions on the
network
• Which means that the DNS privacy issues become more critical than
ever!
22
23. 1. Adding authenticity to the DNS
2. Increasing the reliance on the DNS for application
level rendezvous functions
3. Plugging DNS information leaks
24. Plugging the DNS leakage
• Query Name Minimisation to reduce the extravagant chattiness of the
DNS resolution process
• DNS over TLS on the stub to recursive paths
• Channel protection, remote end authentication and transport robustness
• DNS over HTTPS (/3) on the stub to recursive paths
• Channel protection, remote end authentication, transport robustness and
HTTP object semantics
• Oblivious DNS over HTTPS (/3) on the stub to recursive paths
• Hide the implicit end point identity / query name association leakage
24
25. Coming soon?
• Extending DNS channel protection to the recursive to authoritative
hops
(Although this may be tougher than it looks at first!)
25
26. Scaling with Encrypted
Channels
• Session level encryption involves session establishment and
maintenance overhead
• Typically this entails a TCP overhead (direction or within a QUIC envelope) and
a TGLS overhead
• This can be amortised through session reuse
• Session reuse is most effective on the stub to recursive paths
• The secure Web infrastructure points to ways that we can scale an
encrypted DNS infrastructure, but the economics of the DNS are
somewhat different than those of the web
26
28. Can we do this?
• Pretty clearly we have most of the tools available to achieve all of
these objectives
• Leverage TLS to provide session level encryption
• Leverage HTTPS to push stub resolution functions into applications
• Use the DNS HTTPSSVC to provide the ESNI key
• Yes we can!
28
29. Will we do this?
• This is a far more challenging question!
29
30. If HTTPS worked, why not DoH?
• Any change to the DNS that requires user configuration, or a change
of host and/or CPE behaviour. Both of these changes will not be easy
to gather deployment momentum
• There is no untapped financial return in DNS resolution, so this is not
an activity that has strong commercial impetus
• Many public environments use DNS oversight and alteration as a
means of content moderation - there is little appetite to make that
role harder to perform
• Browser vendors have far more limited leverage in the DNS, as
compared to content delivery over HTTP
31. The DNS Economy
• In the public Internet, end clients don’t normally pay directly for DNS
recursive resolution services
• Which implies that outside of the domain of the local ISP, DNS
resolvers are essentially unfunded by the resolver’s clients
• And efforts to monetise the DNS with various forms of funded
misdirection (such as NXDOMAIN substitution) are generally viewed
with extreme disfavour
• Open Resolver efforts run the risk of success-disaster
• They more they are used, the greater the funding problem
• The greater the funding problem the greater the temptation to monetise the
DNS resolver function in more subtle ways
32. The DNS Economy
• The default option is that the ISP funds and operate the recursive DNS
service, funded by the ISP’s client base
• 70% of all end clients use same-network recursive resolvers
• However the fact that is works today does not mean that you can
double the input costs and expect it to just keep on working
tomorrow
• For ISPs the DNS is usually a cost department, not a revenue source
• We should expect strong resistance from ISPs to increase their costs in DNS
service provision
• The DNS is also highly resistant to changes in the edge infrastructure
32
33. Where is this heading?
• Will any of these privacy approaches becomes mainstream in the
public Internet?
34. My Opinion
• ISP-based provisioning of DNS servers without channel encryption will
continue to be the mainstream of the public DNS infrastructure
• Most users don’t change their platform settings from the defaults and
CPE based service provisioning in the wired networks and direct
provisioning in mobile networks will persist
35. My Opinion
• ISP-based provisioning of DNS servers without channel encryption will
continue to be the mainstream of the public DNS infrastructure
• Most users don’t change their platform settings from the defaults and
CPE based service provisioning in the wired networks and direct
provisioning in mobile networks will persist
• But that’s not the full story...
36. Fragmenting the DNS
• It appears more likely that those applications who want to tailor their
DNS use to adopt a more private profile will hive off to use DoH to an
application-selected DNS service, while the platform itself will
continue to use libraries that will default to DNS over UDP to the ISP-
provided recursive DNS resolver
• That way the application’s ecosystem can fund its own DNS privacy
infrastructure and avoid waiting for everyone else to make the
necessary infrastructure and service investments before they can
adopt DNS privacy themselves
• The prospect of application-specific naming services is a very real
prospect in such a scenario
37. Fragmenting the DNS
• It appears more likely that those applications who want to tailor their
DNS use to adopt a more private profile will hive off to use DoH to an
application-selected DNS service, while the platform itself will
continue to use libraries that will default to DNS over UDP to the ISP-
provided recursive DNS resolver
• That way the application’s ecosystem can fund its own DNS privacy
infrastructure and avoid waiting for everyone else to make the
necessary infrastructure and service investments before they can
adopt DNS privacy themselves
• The prospect of application-specific naming services is a very real
prospect in such a scenario
Those parts of the environment with
sufficient motivation and resources will
simply stop waiting for everyone else
to move and they will just do what
they feel they need to do!
38. It’s life Jim, but not as we
know it!
• The progression here is an evolution from network-centric services to
platform-centric services to today’s world of application-centric
services
• It’s clear that the DNS is being swept up in this shift, and the DNS is
changing in almost every respect
• The future prospects of a single unified coherent name space as
embodied in the DNS, as we currently know it, for the entire internet
service domain are looking pretty poor right now!