Abstract:
As a big infrastructure, DNS handles large datasets and provides security, integrity and confidentiality of its data. We analyze usage of TXT, CERT, SSHFP and OPENPGPKEY resource records in DNS and the TLS extension ECH. dns-scanner deploys scans on those technologies by querying one million websites from the Tranco list and provides evaluation results on usage of mentioned resource records and protocols. We analyze the results of every step in the process and outputs from dns-scanner.