Sie befinden Sich nicht im Netzwerk der Universität Paderborn. Der Zugriff auf elektronische Ressourcen ist gegebenenfalls nur via VPN oder Shibboleth (DFN-AAI) möglich. mehr Informationen...
Governments provide critical services to the residents they serve such as voting information, taxes, and health services. In turn, residents must trust information coming from their governments is legitimate. This paper examines the adoption of three DNS records, Sender Policy Framework (SPF), Domain-based Message Authentication, Reporting and Conformance (DMARC), and Certificate Authority Authorization (CAA), with governments in the United States. All three DNS records help establish legitimacy in a server's identity. From February to July 2023, SPF, DMARC, and CAA records from domains belonging to governments in the U.S. were collected, parsed, and semantically analyzed for security misconfigurations. We have developed an open source parser and analyzer to verify the syntax and security configuration of SPF and DMARC records. We found that adoption of all three records is slowly increasing, however errors and misconfigurations are disproportionately found in local, county, and state government domains.