Home / Companies / Cloudflare / Blog / Post Details
Content Deep Dive

Economical With The Truth: Making DNSSEC Answers Cheap

Blog post from Cloudflare

Post Details
Company
Date Published
Author
Dani Grant
Word Count
2,367
Company Posts That Month
13
Language
English
Hacker News Points
-
Summary

Cloudflare has implemented a unique approach to handling negative answers in DNSSEC by using "black lies" and the "DNS shotgun." This method reduces compute cost and helps keep packet size small, allowing them to provide DNSSEC for free for any domain. The technique involves returning false previous and next names in NXDOMAIN responses and setting all types in NODATA responses, which ensures compliance with existing standards while minimizing the need for database lookups or precomputation of dynamic answers.

Trends Found in this Post

No tracked trend matches for this post yet.