We love our independence, which is why we're now on our own Mastodon instance at social.nlnetlabs.nl! #OpenSource #DNS #BGP
protocol & privacy aficionado | dad, he/him | tweets mostly about work | interests: networks, cryptography, policy, change,šāāļø & š
We love our independence, which is why we're now on our own Mastodon instance at social.nlnetlabs.nl! #OpenSource #DNS #BGP
Use Signal. We promise, no AI clutter, and no surveillance ads, whatever the rest of the industry does. <3
A kind reminder to please provide your feedback on the #XDP implementation we did for NSD, our authoritative #DNS server.
With zero-copy disabled, weI saw a 1.7x improvement in handled queries per second compared to UDP through the network stack. We expect the improvement to be higher with a driver that fully supports AF_XDP zero-copy mode.
We're curious to hear about your experiences!
https://blog.nlnetlabs.nl/experimental-support-for-af_xdp-sockets-in-nsd/
If you write a Python library for AF_XDP you are legally required to call it "Snakes on a Dataplane"
As many people probably already know, I fly a rainbow flag outside my house. Not just during pride month, but pretty much year round. I hope that one day LGBTQ+ acceptance will be as self-evident as women's voting rights, but until that day there is still something to fight for.
Een applaus voor onze supporters! š Met jullie support krijgen we onze voet tussen de deur in politiek Den Haag. Vrij Nederland deed onderzoek naar de belangenorganisaties die de meeste invloed uitoefenen op de politiek. Bits of Freedom staat op #12. Word ook donateur: https://www.bitsoffreedom.nl/ja
Iām back from a visit to a largish German company who _might_ be interested in running their own internally-accessible resolver. When I asked what they use today, I held my breath to hear WE PAY TO USE A PUBLIC RESOLVER IN THE USofA.
(For the benefit of those not in the know, there are several excellent open source implementations of DNS resolvers, very well documented, and quite easy to set up on premise, and if necessary for most one can purchase support if so desired.)
Philip explains Nameshed's #DNSSEC key management design at the ICANN83 DNSSEC And Security Workshop. Presentation starts at 58:32. #DNS #OpenSource #rustlang https://icann.zoom.us/rec/play/rZO4WQ43FXCBle-B2aMGbyuxoMqmt4-HU9PJVfjsZA4DYxv2k9X0IyhR8f0F_SSZwRbSgCIO3KxUtVuF.v4W-DaCIkkBU7JmJ?eagerLoadZvaPages=sidemenu.billing.plan_management&accessLevel=meeting&canPlayFromShare=true&from=share_recording_detail&startTime=1749475871000&componentName=rec-play&originRequestUrl=https%3A%2F%2Ficann.zoom.us%2Frec%2Fshare%2FnEPUGP0kRV04R3oQaAt0i2c_UQhxb2UHzg16VylkViD-EomNkaaPiiuSzWsWooUC.3ieFTG4o1XsG-TDW%3FstartTime%3D1749475871000
Europe was promised a new golden age of the night train. Why are we still waiting? #Opinion #EuropeanUnion
The OSI has endorsed a proposal by Open Forum Europe to create an EU Sovereign Tech Fund to support maintenance and development of key Open Source software projects. https://opensource.org/blog/investing-in-open-source-sustainability-osi-supports-open-forum-europes-eu-sovereign-tech-fund-proposal
"The technical infrastructure that underpins Telegram is controlled by a man whose companies have collaborated with Russian intelligence services."
https://www.occrp.org/en/investigation/telegram-the-fsb-and-the-man-in-the-middle
I usually get where big tech is coming from, but this is just malicious tracking. If you're an engineer and you're asked to implement something like this, it's time to whistleblow.
I hope the IE DPA will look into it.
Anyway, Local Network Access (https://github.com/explainers-by-googlers/local-network-access) can't come soon enough.
Question in relation to our #DNSSEC signing project Nameshed: does anyone have operational experiences with #KMIP for interfacing with HSMs, as an alternative to PKCS#11? We'd love to hear from you. ā Boosts appreciated š #DNS #OpenSource #rustlang
We're proud to launch "dnst", our #DNS toolbox for network operators. Twenty years ago, we introduced the "ldns" C-library, along with a collection of example utilities for generating keys, signing a zone, and more. With the "domain" #Rust crate acting as the natural successor to the "ldns" library, with "dnst" we are offering a modern, well-maintained drop-in replacement for the most widely used "ldns" utilities. #OpenSource #rustlang https://blog.nlnetlabs.nl/introducing-dnst-a-dns-toolbox-for-network-operators/
This Thursday, June 5, at 10 AM ET, a critically important congressional hearing will unpack foreign influence on American data via the CLOUD Act. Expect robust debate on encryption, backdoors, and cross-border data access.
It is joyful to wake up and read a whole bunch of interesting, relevant, personal overnight toots, rather than slop, advertising, and ragebait.
I appreciate you all. Happy Tuesday, fedi friends!
OSI has a four-person team patrolling the waters of the global public policy oceans and the connected standards seas. The team will post here when there's news or comment.
Four modern mail systems for self-hosting shared by @SIDN, one of them being @stalwartlabs which I am very happy with. It is so much easier than a Postfix/Dovecot/Certbot setup.
https://www.sidn.nl/en/news-and-blogs/four-modern-mail-systems-for-self-hosting
Small thread on recent developments with Roto!
To recap, Roto is the statically-typed compiled scripting language for #rustlang we're working on at @nlnetlabs.
We got a great reaction to our blog post[1], with a lot of interesting thoughts and feedback. Thank you all! I'm also happy the post made it to This Week In Rust[2]
[1]: https://blog.nlnetlabs.nl/introducing-roto-a-compiled-scripting-language-for-rust/
[2]: https://this-week-in-rust.org/blog/2025/05/28/this-week-in-rust-601/
@aerique Mozilla is preparing for a world where the US government (rightly) forces them to do without 90+% of their revenue. Rather than getting disgusted at them, why don't we urge the EU to support them and even do something crazy like take seats on their board or something? Could happen... maybe? Mozilla and this fork you want to make will die without support.