Acknowledgements

RFC 1034 and 1035 were written by Paul Mockapetris in 1987. He designed a system that has handled the naming needs of the entire internet for nearly four decades. The elegance of the distributed hierarchy, the simplicity of the query model, the forethought in the caching design — these hold up. The fact that this course can teach from first principles and those principles still apply to production infrastructure today is a testament to the quality of that original work.

The BIND team at ISC — the authors and maintainers of the Berkeley Internet Name Domain software that has run a significant portion of the world's authoritative DNS servers for decades. Reading BIND's documentation and source code taught me more about how DNS actually works than any textbook.

The engineers at EuroDNS who showed me what internet infrastructure looks like from the inside. Particularly those who were patient with a software architect who kept asking "but why does it work this way?" about registry protocols. The answer is usually "because RFC X says so" and then "because the registry implemented RFC X this way" — understanding the difference matters.

The team at EBRAND who built X-RAY with me. Watching the domain threat landscape at scale changes how you think about brand protection. The patterns we documented in that work shaped a significant portion of modules 7 and 8 in this course.

The DNS operations community — DNS-OARC, the nanog list, the researchers who publish on DNS security. This is a community that takes the correctness of infrastructure seriously, and the published work (including the abuse and threat research) is unusually rigorous compared to many other areas of internet security.

And the engineers who filed bug reports, asked questions on Stack Overflow, and wrote post-mortems when DNS was the culprit. The failures are where the real learning lives, and the people willing to document them publicly make everyone better at this.