{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,3]],"date-time":"2025-05-03T12:04:31Z","timestamp":1746273871751,"version":"3.40.3"},"publisher-location":"Cham","reference-count":39,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319171715"},{"type":"electronic","value":"9783319171722"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-17172-2_15","type":"book-chapter","created":{"date-parts":[[2015,4,16]],"date-time":"2015-04-16T03:04:26Z","timestamp":1429153466000},"page":"219-232","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["Measuring DANE TLSA Deployment"],"prefix":"10.1007","author":[{"given":"Liang","family":"Zhu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Duane","family":"Wessels","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Allison","family":"Mankin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"John","family":"Heidemann","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,4,17]]},"reference":[{"key":"15_CR1","unstructured":"NLnetLabs. Ldns (ldns-dane). \n                      http:\/\/www.nlnetlabs.nl\/projects\/ldns\/"},{"key":"15_CR2","doi-asserted-by":"crossref","unstructured":"Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: Dns security introduction and requirements. RFC 4033, March 2005","DOI":"10.17487\/rfc4033"},{"key":"15_CR3","doi-asserted-by":"crossref","unstructured":"Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: Protocol modifications for the dns security extensions. RFC 4035, March 2005","DOI":"10.17487\/rfc4035"},{"key":"15_CR4","doi-asserted-by":"crossref","unstructured":"Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: Resource records for the dns security extensions. RFC 4034, March 2005","DOI":"10.17487\/rfc4034"},{"key":"15_CR5","unstructured":"Bhat, S.: Gmail Users in Iran Hit by MITM Attacks, August 2011. \n                      http:\/\/techie-buzz.com\/tech-news\/gmail-iran-hit-mitm.html"},{"key":"15_CR6","unstructured":"Comodo. Comodo Fraud Incident, March 2011. \n                      https:\/\/www.comodo.com\/Comodo-Fraud-Incident-2011-03-23.html"},{"key":"15_CR7","unstructured":"Deploy360 Porgramme. Dane test sites. \n                      http:\/\/www.internetsociety.org\/deploy360\/resources\/dane-test-sites\/"},{"key":"15_CR8","unstructured":"Deploy360 Porgramme. Dnssec statistics. \n                      http:\/\/www.internetsociety.org\/deploy360\/dnssec\/statistics"},{"key":"15_CR9","doi-asserted-by":"crossref","unstructured":"Dierks, T., Rescorla, E.: The transport layer security (tls) protocol version 1.2. RFC 5246, August 2008","DOI":"10.17487\/rfc5246"},{"key":"15_CR10","unstructured":"DNSSEC\/TLSA Validator. \n                      https:\/\/www.dnssec-validator.cz"},{"key":"15_CR11","unstructured":"Edward Bjarte Fjellskal. PassiveDNS tool. \n                      https:\/\/github.com\/gamelinux\/passivedns"},{"key":"15_CR12","unstructured":"Herzberg, A., Shulmanz, H.: Fragmentation considered poisonous. In: Proc. of IEEE Conference on Communications and Network Security (CNS), October 2013"},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Hoffman, P.: Smtp service extension for secure smtp over transport layer security. RFC 3207, February 2002","DOI":"10.17487\/rfc3207"},{"key":"15_CR14","doi-asserted-by":"crossref","unstructured":"Hoffman, P., Schlyter, J.: The dns-based authentication of named entities (dane) transport layer security (tls) protocol: Tlsa. RFC 6698, August 2012","DOI":"10.17487\/rfc6698"},{"key":"15_CR15","unstructured":"ICANN. The Centralized Zone Data Service. \n                      https:\/\/czds.icann.org\/"},{"key":"15_CR16","unstructured":"Internet Systems Consortium. Internet domain survey, January 2008. web page \n                      http:\/\/www.isc.org\/solutions\/survey"},{"issue":"1","key":"15_CR17","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1145\/205447.205456","volume":"25","author":"CA Kent","year":"1995","unstructured":"Kent, C.A., Mogul, J.C.: Fragmentation considered harmful. SIGCOMM Comput. Commun. Rev. 25(1), 75\u201387 (1995)","journal-title":"SIGCOMM Comput. Commun. Rev."},{"key":"15_CR18","unstructured":"Learmonth, I., Gunasekaran, S.: Bootstrapping Trust with DANE, April 2014. \n                      https:\/\/www.hackerleague.org\/hackathons\/kings-of-code-hack-battle-at-tnw-europe-conference-2014\/hacks\/bootstrapping-trust-with-dane"},{"key":"15_CR19","unstructured":"Mail Server Security Test. \n                      https:\/\/www.tlsa.info\/"},{"key":"15_CR20","doi-asserted-by":"crossref","unstructured":"Mockapetris, P.: Domain names - concepts and facilities. RFC 1034, November 1987","DOI":"10.17487\/rfc1034"},{"key":"15_CR21","doi-asserted-by":"crossref","unstructured":"Mockapetris, P.: Domain names\u2013implementation and specification. RFC 1035, November 1987","DOI":"10.17487\/rfc1035"},{"key":"15_CR22","unstructured":"NIST. Danelaw. \n                      https:\/\/www.had-pilot.com\/dane-tests.html"},{"key":"15_CR23","unstructured":"NIST. Estimating ipv6 and dnssec external service deployment status. \n                      http:\/\/fedv6-deployment.antd.nist.gov"},{"key":"15_CR24","unstructured":"NIST. Tlsa test tree. \n                      https:\/\/www.had-pilot.com\/tlsa-test.html"},{"key":"15_CR25","unstructured":"Osterweil, E., Kaliski, B., Larson, M., McPherson, D.: Reducing the x. 509 attack surface with dnssecs dane. SATIN: Securing and Trusting Internet Names, March 2012"},{"key":"15_CR26","doi-asserted-by":"crossref","unstructured":"Osterweil, E., Ryan, M., Massey, D., Zhang, L.: Quantifying the operational status of the dnssec deployment. In: Proceedings of the 8th ACM SIGCOMM Conference on Internet Measurement, IMC 2008, pp. 231\u2013242. ACM, New York, NY, USA (2008)","DOI":"10.1145\/1452520.1452548"},{"key":"15_CR27","doi-asserted-by":"crossref","unstructured":"Saint-Andre, E.P.: Extensible messaging and presence protocol (xmpp): Core. RFC 3920, October 2004","DOI":"10.17487\/rfc3920"},{"key":"15_CR28","unstructured":"Pennock, P.: XMPP & DANE with Prosody, May 2014. \n                      http:\/\/bridge.grumpy-troll.org\/2014\/05\/xmpp-dane-with-prosody"},{"key":"15_CR29","unstructured":"Postfix. \n                      http:\/\/www.postfix.org\/TLS_README.html"},{"key":"15_CR30","unstructured":"Schloesser, M., Gamble, B., Nickel, J., Guarnieri, C., Moore, H.: Project Sonar: IPv4 SSL Certificates, September 2014. \n                      https:\/\/scans.io\/study\/sonar.ssl"},{"key":"15_CR31","unstructured":"SIDN labs. Tlsa validator. \n                      https:\/\/check.sidnlabs.nl\/dane"},{"key":"15_CR32","doi-asserted-by":"crossref","unstructured":"Streibelt, F., B\u00f6ttger, J., Chatzis, N., Smaragdakis, G., Feldmann, A.: Exploring edns-client-subnet adopters in your free time. In Proceedings of the 2013 Conference on Internet Measurement Conference, IMC 2013, pp. 305\u2013312. ACM, New York, NY, USA (2013)","DOI":"10.1145\/2504730.2504767"},{"key":"15_CR33","doi-asserted-by":"crossref","unstructured":"van Rijswijk-Deij, R., Sperotto, A., Pras, A.: Dnssec and its potential for ddos attacks: A comprehensive measurement study. In: Proceedings of the 2014 Conference on Internet Measurement Conference, IMC 2014, pp. 449\u2013460. ACM, New York, NY, USA (2014)","DOI":"10.1145\/2663716.2663731"},{"key":"15_CR34","unstructured":"Verisign. Daily zone counts. \n                      http:\/\/www.verisigninc.com\/en_US\/channel-resources\/domain-registry-products\/zone-file-information\/index.xhtml"},{"key":"15_CR35","unstructured":"Verisign. Dnssec scoreboard. \n                      http:\/\/scoreboard.verisignlabs.com"},{"key":"15_CR36","unstructured":"Verisign. The Domain Name Industry Brief, December 2014. \n                      www.verisigninc.com\/assets\/domain-name-report-december2014.pdf"},{"key":"15_CR37","unstructured":"Verisign Labs. Dane\/tlsa demonstration. \n                      http:\/\/dane.verisignlabs.com\/"},{"key":"15_CR38","unstructured":"Weaver, N., Kreibich, C., Nechaev, B., Xson, V.P.: Implications of netalyzr\u2019s DNS measurements. In: Proc. of Workshop on Securing and Trusting Internet Names (SATIN), April 2011"},{"key":"15_CR39","unstructured":"Wouters, P.: Using dane to associate openpgp public keys with email addresses. Work in progress, February 2014 (draft-wouters-dane-openpgp-02)"}],"container-title":["Lecture Notes in Computer Science","Traffic Monitoring and Analysis"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-17172-2_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,19]],"date-time":"2019-05-19T23:40:20Z","timestamp":1558309220000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-17172-2_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319171715","9783319171722"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-17172-2_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"17 April 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}