Things to know about DNS Flag day

DNS Flag day will be starting from 1 February 2019, the organisations behind open source DNS software implementations are going to deploy changes to their code that could break your domains. That day has been labelled DNS Flag day.

The Domain Name System or DNS was conceived at a time when the internet was young. The protocols of that time exuded confidence in one’s fellow man, and security lingered in the background. Gradually, however, awareness grew that the DNS had to become more robust and contain more functions in the messages that it exchanged. Thus, in 1999, EDNS or Extension mechanisms for DNS came into being. The advent of EDNS made DNSSEC, DNS geolocation and other security measures such as cookies in the conventional DNS messages possible. Every transition is difficult, however. Some existing firewalls or DNS implementations are not updated, or they incorrectly implement the EDNS standard, causing workarounds/patches needed by the recursive resolvers to keep supporting them.

Organisations such as ISPs, hosting companies and others have to test their current domain as well as their DNS servers. As a normal user, you can already check whether your domain name is compliant through a simple test on the DNS Flag Day website Go to https://dnsflagday.net Select the group you belong to: Click the Domain owners section and test your domain – you will see an “additional info” link under the results if your domain name is affected for this DNS Flag day The answer will hopefully be a fine “All OK” and a green “GO.”