User Tools
dns_flag_day_2020
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
| dns_flag_day_2020 [2023/05/24 04:01] – [Cloudflare authoritative DNS and 1.1.1.1] -removed https section from links hogwild | dns_flag_day_2020 [2023/05/24 04:09] – [What is DNS Flag Day?] Change head to "DNS Flag Day" hogwild | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | Ref: [[https:// | ||
| - | |||
| {{ : | {{ : | ||
| - | October 1 2020 was this year’s DNS Flag Day. Read on to find out all about DNS Flag Day and how it affects Cloudflare’s DNS services (hint: it doesn’t, we already did the work to be compliant). | ||
| - | ====== | + | |
| + | ====== DNS Flag Day ====== | ||
| + | |||
| + | October 1 was the date of DNS Flag Day in 2020. | ||
| DNS Flag Day is an initiative by several DNS vendors and operators to increase the compliance of implementations with DNS standards. The goal is to make DNS more secure, reliable and robust. Rather than a push for new features, DNS flag day is meant to ensure that workarounds for non-compliance can be reduced and a common set of functionalities can be established and relied upon. | DNS Flag Day is an initiative by several DNS vendors and operators to increase the compliance of implementations with DNS standards. The goal is to make DNS more secure, reliable and robust. Rather than a push for new features, DNS flag day is meant to ensure that workarounds for non-compliance can be reduced and a common set of functionalities can be established and relied upon. | ||
| - | Last year’s flag day was February 1, and it set forth that servers and clients must be able to properly handle the Extensions to DNS (EDNS0) protocol (first RFC about EDNS0 are from 1999 - RFC 2671). This way, by assuming clients have a working implementation of EDNS0, servers can resort to always sending messages as EDNS0. This is needed to support DNSSEC, the DNS security extensions. We were, of course, more than thrilled to support the effort, as we’re keen to push DNSSEC adoption forward . | + | Last year’s flag day was February 1, and it set forth that servers and clients must be able to properly handle the Extensions to DNS (EDNS0) protocol (first RFC about EDNS0 are from 1999 - RFC 2671). This way, by assuming clients have a working implementation of EDNS0, servers can resort to always sending messages as EDNS0. This is needed to support DNSSEC, the DNS security extensions. We were, of course, more than thrilled to support the effort, as we’re keen to push DNSSEC adoption forward. |
| ====== DNS Flag Day 2020 ====== | ====== DNS Flag Day 2020 ====== | ||
| Line 37: | Line 37: | ||
| Both our public resolver 1.1.1.1 as well as our authoritative DNS service, set and enforce reasonable limits on DNS message sizes when sent over UDP. Of course, both services are available over TCP. If you’re already using Cloudflare, there is nothing you need to do but to keep using our DNS services! We will continually work on improving DNS. | Both our public resolver 1.1.1.1 as well as our authoritative DNS service, set and enforce reasonable limits on DNS message sizes when sent over UDP. Of course, both services are available over TCP. If you’re already using Cloudflare, there is nothing you need to do but to keep using our DNS services! We will continually work on improving DNS. | ||
| - | Oh, and you can test your domain on the DNS Flag Day site: [[dnsflagday.net/ | + | Oh, and you can test your domain on the DNS Flag Day site: [[https://dnsflagday.net/ |
| - | Reference information is available here: [[blog.cloudflare.com/ | + | Reference information is available here: [[https://blog.cloudflare.com/ |
dns_flag_day_2020.txt · Last modified: 2023/05/24 04:17 by hogwild
Page Tools
