- By Vicky Risk on November 10, 2014
ISC has signed a memo of understanding with NLnet Labs, makers of Unbound and NSD, to collaborate in providing support to users of our DNS software. NSD is a popular alternative to BIND for authoritative DNS services, and Unbound is a high-performance recursive resolver. As a first step in this collaboration, ISC is now selling advance security notification of vulnerabilities in NSD and Unbound, the same service we have been offering for ISC’s BIND and DHCP. ISC will cover the expense of the administrative overhead, and pass the entire amount paid for the NLNet Labs portion off to them.
As a bonus for organizations already supporting ISC’s open source, existing BIND ASN subscribers will automatically be given the Unbound and NSD ASN for the remainder of their current contract with ISC. When their contract is up for renewal, they will be offered the opportunity to add Unbound and NSD to their BIND ASN agreement.
We hope this is the beginning of a trend towards greater cooperation among providers of open source that is critical to the Internet. As we all saw with the Heartbleed incident, the mere fact that open source is critical to the Internet does not mean that it’s development and maintenance is funded or supported by the community. Getting adequate support requires an organization to solicit funding, provide and administer services based on that software.
This in no way represents a consolidation of software or technology; conversely, it’s an attempt to more strongly fund diverse offerings. We are leveraging the administrative overhead, and offering a united front to promote funding open source. Please join us by subscribing to Advance Security Notifications for BIND, Unbound and NSD, or by making a donation to NLNET Labs, either directly or through ISC. To inquire about subscribing or donating, fill out this web form, or email to info at ISC dot org.
- By Vicky Risk on April 17, 2014
Internet Systems Consortium (ISC) today announced the release of version 1.2 of its BIND 10 software, and with that release announced that ISC has concluded its development work on BIND 10 and will no longer be updating the source pool.
BIND 10 release 1.2 consists of an authoritative server, a control framework, an application interface, a statistics server, a logging framework, a remote control daemon, a configuration client tool, and numerous other tools for its development and operation.
“BIND 10 is an excellent software system,” said Scott Mann, ISC’s Vice President of Engineering, “and a huge step forward in open-source infrastructure software. Unfortunately, we do not have the resources to continue development on both projects, and BIND 9 is much more widely used.”
“The BIND 10 software is open-source,” Scott added, “so we are making it available for anyone who wants to continue its development. The source will be available from GitHub under the name Bundy, to mitigate the confusion between it and ISC’s BIND 9 (a completely separate system). The name ‘BIND’ is associated with ISC; we have changed its name as a reminder that ISC is no longer involved with the project.
BIND 10 release 1.2 is available from ISC at http://www.isc.org/downloads/, under the ‘Other Software’ category.
BIND 10 was a multi-year development project with numerous sponsors around the world. ISC is grateful for support received from Afilias, AFNIC, Association DNS.PT, Brazilian Network Information Center (NIC.BR), Canadian Internet Registry Authority (CIRA), China Internet Network Information Center (CNNIC), Comcast, CZ NIC z.s.p.o, DENIC eG, Google Inc., IIS, Japan Registry Services Co, Ltd. (JPRS), Nominet UK, New Zealand Registry Services (NZRS), Réseaux IP Européens Network Coordination Centre (RIPE NCC), Stichting Internet Domainregistratie Nederland (SIDN), Technical Center of Internet, and Uniforum SA. We expect the continuing development of Bundy to involve an equally diverse collection of developers and supporters.
- By Brian Reid on April 9, 2014
ISC founder Paul Vixie recently joined the elite ranks of membership in the Internet Hall of Fame. Each Hall of Fame member has made significant contributions to the advancement of the global Internet. Most of the work for which Dr Vixie was cited was accomplished while he was at ISC, and ISC was definitely guided and shaped by his vision.
Named to the Hall of Fame as an Internet Innovator, Dr Vixie’s extensive technical contributions include DNS protocol design and procedure, mechanisms to achieve operational robustness of DNS implementations, and significant contributions to open source software principles and methodology. He also created and launched the first successful commercial anti-spam service. His relentless innovation and leadership in Internet infrastructure has unquestionably made the Internet a better, faster, and safer place.
Paul Vixie left ISC in 2013 to found Farsight Security, where he is its Chairman and CEO.
Completion of BIND 10 Initial Development Program delivers Basis of ISC Next Generation Nameserver SoftwareBy Adib Behjat on January 30, 2014
Internet Systems Consortium (ISC) is pleased to announce the completion of a multi-year software development program funded by JPRS and other key sponsors. The next generation nameserver software framework is available as the BIND 10 distribution, http://bind10.isc.org/wiki/ProductionRelease, which has been well received by sponsors and the open source community.
“We are proud to have been able to work closely with our sponsors to deliver quality nameserver software as freely available open source,” stated Jeff Osborn, ISC Executive Director. “It also marks the conclusion of a multi-year development program funded by our generous sponsors. We look forward to continuing development on the BIND 10 suite with continued guidance from our broad BIND and ISC DHCP user base.”
Throughout this development effort, JPRS and other key sponsors have provided development staff as well as funding. The collaborative effort provided valuable insights to all involved. The result of the initial development program of BIND 10 is a production release of authoritative nameserver software.
Downloads of the BIND 10 Authoritative nameserver software from the ISC website continue to increase. During the past few months, BIND 10 has accounted for more than 12% of the total downloads from the isc.org website. Feedback from those users will ensure that development continues in the right direction as the software becomes widely tested and later deployed in production.
ISC has been privileged to have support from numerous sponsors during the BIND 10 development effort. A complete list is available at: https://www.isc.org/members/
Please visit http://bind10.isc.org/wiki for more information about the next generation platform, code name “BIND 10” or download the software at: ftp://ftp.isc.org/isc/bind10/1.1.0/bind10-1.1.0.tar.gz
Internet Systems Consortium (ISC) is a 501(c)3 public benefit corporation widely known for world‐class Internet software engineering and network operations. Founded in 1994 under an initial grant from UUNET, ISC is governed today by a 5-member Board of Directors. ISC software, of which BIND and ISC DHCP are the two best‐known examples, is open source. Our passion is Internet core technology. Our widely‐imitated Managed Open Source process ensures the quality of our software while keeping it completely open and available. ISC operates high‐reliability global networks of DNS root servers (F‐root) and authoritative DNS servers both for non‐profit and commercial enterprises. ISC is actively involved in Internet protocol and standards development, particularly in the areas of DNSSEC and IPv6. ISC is supported by donations from generous sponsors, by program membership fees, and by increasing revenues from DNSco, a for-profit subsidiary. For further information, please visit https://www.isc.org/supportisc
- By Brian Reid on January 27, 2014
Following a successful public demonstration at the 88th Internet Engineering Task Force (IETF) meeting November 2013, ISC’s Open Home Gateway Forum team has submitted its code for package signing and validation to the OpenWrt project. ISC is now disbanding the Open Home Gateway Forum since this code has been completed.
Comcast and ISC created the Open Home Gateway Forum (OHGF) to address problems in managing large numbers of home gateway devices. The Open Home Gateway Forum (OHGF) team created and demonstrated enhancements to OpenWrt that enabled a robust process for remote configuration and software upgrade. This could allow an ISP to securely update home gateway devices, and might be leveraged more broadly by OpenWrt to provide automatic software updates. This is important since so much customer premise equipment never receives a software update, creating significant future security vulnerabilities. This new feature can mitigate the risk of software never being updated, which has recently been in the news in an article by Bruce Schneier and in a malware attack affecting Internet devices.
The remote configuration and update process uses cryptographic signatures and checksum verification to ensure the integrity of the update source as well as the validity of the software downloaded. These extra security measures protect the home gateway from downloading or installing software delivered by or tampered with by any unauthorized party.
As the largest cable Internet Provider in North America, Comcast has a vested interest in solving this problem. One way they have chosen to address it by funding the development of a transparent open source solution.
OpenWrt is a highly extensible GNU/Linux distribution that runs on over 80 different manufacturer’s embedded systems. OpenWrt is an open source project, meaning that the source code is freely available, and they welcome contributions from contributors anywhere in the world. Many of the millions of home gateways connected to the Internet run software based on OpenWrt. Improvements made in OpenWrt can have a wide-ranging impact.
“We are part of a community working together to address a global Internet problem,” stated Gregers Petersen, OpenWrt Relationship Manager. “We welcome the support of, and collaboration with, ISC and Comcast. The open source model is once again proving to be the best way to tackle the really tough technical problems that affect us all.”
“OpenWrt is a vibrant open source project and their software is used by many of our Xfinity Internet customers as well as countless other Internet users,” said Jason Livingood, Vice President of Internet & Communications Engineering at Comcast. “We are happy that ISC was able to develop a unique way of secure remote configuration and update, since regular and automatic software updates are a critical part of ensuring the ongoing security of Internet-connected consumer devices.”
After working with the OHGF team, OpenWrt is continuing to add support for detecting and recovering from interrupted installs and is working on a way to safely do home gateway kernel upgrades. For more information about OpenWrt, or to contribute or download the software distribution, see http://www.openwrt.org.
Last modified: January 30, 2014