Blog entries for "BIND"

DNSSEC Readiness

10 May 2010
Michael Graff

DNSSEC is coming. Is your organization ready?

The DNS community is buzzing with activity around the implementation of the DNS Security Extension, DNSSEC. In simple terms, DNSSEC provides a "chain of trust" within the DNS hierarchy and the authentication of DNS responses. Once deployed across the DNS, DNSSEC will render the infamous man-in-the-middle attack a thing of the past.

DNSSEC Transitions and the Signing of ARPA

15 Apr 2010
by Evan Hunt

2010 is shaping up to be a banner year in at least two areas: major steps toward the deployment of DNSSEC, and discoveries of operational snags affecting the deployment of DNSSEC.

An example of the former took place on March 25, when it was announced that the ARPA TLD had been signed. ARPA contains the sub-zones in-addr.arpa and ip6.arpa, which are used for reverse DNS: converting IP addresses to DNS names. It is an essential piece of the DNS infrastructure, and the signing of ARPA makes it possible for reverse lookups to be cryptographically authenticated via DNSSEC.

Unfortunately, an example of the latter took place a short time later.

Whither DNSCurve?

25 Feb 2010
by Paul Vixie

At the risk of having this blog begin to read like a FAQ, let me begin once again with the words, "folks have been asking me...".  So:

Surprise bugs and release schedules

10 Feb 2010
By Michael Graff

I know this won’t be a shock to anyone, but software has bugs.

Sometimes they are discovered and have little real impact — perhaps a few lines of code change and are easily tested. Ideally they occur early in a release cycle so they don’t really affect much. Most of the time these are minor and are easily put into a release at any point.

ISC Software Lifetimes

11 Sep 2009
Jeremy Reed

By Jeremy C. Reed on September 14, 2009 5:32 PM

ISC recently improved its software support lifetime and End-of-Life (EOL) policies. Previously, ISC only provided public development and commercial support for the latest major release version and the prior major release version. Also the next older major release version became EOL six months after the latest major release was announced. (So for six months, three major versions are supported.)

 

BIND 10 The Story So Far...

05 Sep 2009
By Shane Kerr, BIND 10 Programme Manager

BIND 10 is, briefly, a re-design and re-write of BIND 9. BIND 9 is itself a re-design and re-write of BIND 8. BIND 9 is by far the most widely used DNS server on the Internet (one estimate is something like 80% of DNS servers). For ISC, and I think for the DNS community, BIND 10 is going to be a Big Deal.