Two BIND 9 Security Vulnerabilities Announced Today
ISC is releasing updated versions of BIND 9 to address two newly-discovered security vulnerabilities We have released new versions of BIND: 9.Read post
Under the terms of the award, a DoH implementation will be included in the free open source BIND 9 code, released under the MPL 2.0 license.
DNS over HTTPS is a new RFC (https://tools.ietf.org/html/rfc8484) from the IETF, published in October 2018, that gives web applications access to DNS information via existing browser APIs. ISC has been always committed to implementing DNS standards to give DNS users and operators a choice about where, how, and when they want to deploy them. It is part of our mission to offer the DNS ecosystem more choices.
DoH and another proposed standard, DNS over TLS (aka DOT) each provide some protection from on-the-wire snooping of DNS information. ISC has announced it will develop support for both DoH and DoT in 2020, so that operators and researchers can evaluate and assess both of these new encrypted transport options.
The MOSS award to ISC spans a 12-month development period. The first milestone is completion of some refactoring in BIND 9 to modernize the networking stack, which will support the development of alternative transport for DNS. ISC will publish a DoH design document by the end of April 2020, in the public BIND 9 development wiki. Then, by the end of June, ISC will publish code for a client implementation (e.g. in the dig and delv utilities). The complete implementation will be available in the master development branch in October 2020. Finally, ISC will backport DoH to the long term support branch, 9.16, before the end of 2020 to provide widespread access to the new feature.
What's New from ISC