Open source project to secure the Domain Name System

The OpenDNSSEC project announces the development of open source software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Industry leaders including .SE (The Internet Infrastructure Foundation), NLNetLabs, Nominet, Kirei, SURFnet, SIDN and John Dickinson have come together to create open source software that promises to make it easier to deploy DNSSEC. The group’s primary aim is to further protect the Internet by increasing the security for end-users.

Removing the manual aspect of deploying DNSSEC using the open source software is set to make it easier for Internet service providers, web hosting companies and name service operators to deploy DNSSEC, which will significantly increase the number of DNSSEC users.

OpenDNSSEC features:

  • No manual management is needed for signing a zone or managing the cryptographic keys. The software manages the entire process from unsigned to signed zones.
  • OpenDNSSEC is supplied with a licence that gives a green light to suppliers of commercial products who want to utilize the open source code and include it in their own software, without having to open up their own code.
  • The software works with all different versions of the Unix operating systems and is suitable for both those who need to sign a few very large zones (for example TLDs) and for those responsible for a large number of smaller zones.

Patrik Wallstr?¶m, responsible for DNSSEC at .SE comments: “In order to spread the use of DNSSEC to an increased number of domain names, the management surrounding this technology must be simplified. Together with a number of collaborators, we’re developing OpenDNSSEC. Leveraging our deployment experience, we will produce a well-packaged, easy-to-use and flexible DNSSEC tool that eliminates all manual procedures. Those in charge of name servers no longer need detailed knowledge about the protocol in order to use it.”




Share this