This site and the related paper focuses on same-site attacks on the modern web through the takeover of insufficiently secured subdomains.

Bert Hubert on the possible harm local EU regulations could do to the DNS root servers and the Internet.

The author explained running the root zone locally and announced a second post with operational instructions.

In this statement, the DNS root server operators explain why they don't feel comfortable being the early adopters of authoritative DNS encryption.

This short post explains why, strictly speaking, the term DNS propagation is misused.

The author shares his interesting findings in buying and utilizing 14 domains that are 1-bitflip away from windows.com.

dog is a command-line DNS client with support for DNS-over-TLS and DNS-over-HTTPS protocols.

»Seven new vulnerabilities are being disclosed in common DNS software dnsmasq, reminiscent of 2008 weaknesses in Internet DNS Architecture.«

The Technitium DNS Server is an ad-blocking DNS server with DNS-overTLS and DNS-over-HTTPS capabilities.

Explains what you can do when you have special DNS requirements inside of Kubernetes.

Ladies and gentlemen, I would like you to welcome the new shiny RFC8482, which effectively deprecates the DNS ANY query type. DNS ANY was a "meta-query" - think of it as a similar thing to the common A, AAAA, MX or SRV query types, but unlike these it wasn't a real query type - it was special. Unlike the standard query types, ANY didn't age well. It was hard to implement on modern DNS servers, the semantics were poorly understood by the community and it unnecessarily exposed the DNS protocol to abuse. RFC8482 allows us to clean it up - it's a good thing.

OpenNIC provides an open alternative DNS root, provided and controlled by users.