Blog entries for "DLV"

What's happening with DLV?

15 Jul 2010
Michael Graff

Now that the root zone has been officially signed, what happens with ISC's DNSSEC Look-aside Validation Registry? The short answer is, it gets smaller, but does not go away, at least not today.

While having the root signed is a critically important step in the DNSSEC deployment effort, it is not the final step. It's the one that enables a lot of other zones such as Top Level Domains (TLDs) to be signed usefully. It removes the need for many stop-gap measures like certain TARs, and the need for TLD entries in ISC's DLV system.

DNSSEC Transitions and the Signing of ARPA

15 Apr 2010
by Evan Hunt

2010 is shaping up to be a banner year in at least two areas: major steps toward the deployment of DNSSEC, and discoveries of operational snags affecting the deployment of DNSSEC.

An example of the former took place on March 25, when it was announced that the ARPA TLD had been signed. ARPA contains the sub-zones in-addr.arpa and ip6.arpa, which are used for reverse DNS: converting IP addresses to DNS names. It is an essential piece of the DNS infrastructure, and the signing of ARPA makes it possible for reverse lookups to be cryptographically authenticated via DNSSEC.

Unfortunately, an example of the latter took place a short time later.

Surprise bugs and release schedules

10 Feb 2010
By Michael Graff

I know this won’t be a shock to anyone, but software has bugs.

Sometimes they are discovered and have little real impact — perhaps a few lines of code change and are easily tested. Ideally they occur early in a release cycle so they don’t really affect much. Most of the time these are minor and are easily put into a release at any point.