Together we can make the DNS a bit safer for a globally resilient Internet
The DNS has become highly complex, offering many choices and implementations to suit myriad needs. Since the first IETF RFC in 1983, nearly 300 relevant RFCs have been released. Many, if not most, of the world’s DNS operators don’t have full-time DNS specialists on staff. What are those operators supposed to do?
Enter KINDNS: Knowledge-Sharing and Instantiating Norms for DNS and Naming Security, an ICANN initiative to promote voluntary security best practices for authoritative and recursive DNS operators. Pronounced “kindness,” it complements other similar initiatives such as MANRS (Mutually Agreed Norms for Routing Security) that cover different aspects of the Internet infrastructure. The goal of KINDNS is to produce something simple that can help a wide variety of DNS operators, from small to large, to stay aware of the most important best practices identified by industry for secure and effective DNS operations.
We’d love to have you join the KINDNS movement. There are currently two ways you can get involved and support:
As Members/Operators
Joining KINDNS means that your organization publicly commits to following the KINDNS practices and promoting them wherever possible. You can self-assess your DNS operation practice compliance with KINDNS online.
If you follow all the practices, congratulations! You can now fill out the Enrollment Form with your contact information and all additional details about how you achieve the KINDNS practices. This information will only be used for evaluation purposes and will not be shared or disclosed to others. Once we’ve reviewed your form, we’ll get back to you and if everything is in order, we’ll notify you of your acceptance to the program. Your company will be added to the “Supporting Organizations” section of the KINDNS website. You will also receive a welcome note and a KINDNS Compliance badge that you can display on your website or within other content.
If you don’t follow all the practices, don’t worry. We have prepared a few guidelines that can help you implement any of the practices you are not yet compliant with, including the rationale for following each practice and implementation instructions for common DNS software.
Whenever you’re ready, you can self-assess your compliance again.
As Contributor/Discussant
KINDNS is also a community driven initiative. Beyond formally joining as implementing Operator you can also contribute by participating to the discussions on a mailing list that gathers people interested in working together to further develop and firm-up DNS operation best practices.