NIS2 Discussion

The EU considers DNS critical infrastructure. So far so good.
"As a consequence of this directive’s quite broad definition of DNS, every organisation or individual running their own DNS will have to comply by registering their DNS service with ENISA, the EU agency for Cyber Security."

I don't think Pi-hole users have anything to worry about just yet - if at all.

From the executive summary of the paper linked in the article:

To ensure that only those entities intended to be in scope of the NIS2 Directive are included, either:

  • the definition of ‘DNS service provider’ in Art. 4 (14) could be augmented by clarifying it applies to entitiesthatprovides authoritative domain name resolution as a service procurable by third-party essential and important entities; or
  • Article 2(2)(a)(iii) could be scoped specifically to ‘top–level domain name registries and domain name system (DNS) service providers referred to in point 8 of Annex I ‘... that providerecursive domain name resolution services’, thus making providers of solely authoritative DNS services subject to a qualifications based on Art. 2(2)(b) – (g), where also the number of domain names hosted by the service could be part of the considerations.

TLDs... recursive dns farewell?

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.