Read DJB if you are researching DNS
February 24, 2012  

I often run across academic papers on DNS that do not seem to be aware of the work of Daniel Bernstein (djb). For example, the main result of this paper by Ramasubramanian and Sirer from 2005 is a survey that:

shows that a typical name depends on 46 servers on average, whose compromise can lead to domain hijacks, while names belonging to some countries depend on a few hundred servers.

This is an important observation, but this sort of thing was already pointed out by Bernstein in 2000, as you can see here. The paper does not cite Bernstein.

I am not saying that this paper should not have been published. There’s value in the survey, and I’m well aware that it’s impossible to find all related work.

On the other hand, Bernstein deserves a citation here, and this isn’t the first time I’ve seen his work go uncited, intentionally or not. I think he deserves recognition for pointing out the so-called “Kaminsky attack” before it was called that, and I’ve also refereed papers that were rediscoveries of remarks that he has published. I haven’t always succeeded in getting these papers rejected, either. Maybe it’s because of his personality, or the fact that the relevant publications are mailing list messages or notes on his web site; in any case, I know for a fact that somehow these writings don’t count as prior work to many researchers. That’s wrong.

If you plan on publishing a paper on DNS, or doing research in the area, you might save yourself a lot of time by reading through Bernstein’s web site and his postings on the relevant mailing lists.

More generally, academics studying the security of network protocols need to talk to implementors and look at what they have said on mailing lists.