Home page logo
/

interesting-people logo Interesting People mailing list archives

IP: Secure DNS Implementation in BIND
From: David Farber <farber () cis upenn edu>
Date: Mon, 06 Oct 1997 14:08:55 -0400

From: "Carl Malamud [IMS]" <carl () also media org>
To: ietf () ietf org
Date: Mon, 6 Oct 1997 11:59:50 -0400 (EDT)


The Internet Software Consortium is pleased to announce that 
we have reached an agreement with RSA Data Security, Inc., 
a wholly owned subsidiary of Security Dynamics 
Technologies, Inc.  The agreement from RSA provides us 
with a free license of DNSsafe, an implementation of the
RSA cryptosystem.  This license limits DNSsafe for use only in
authenticating Domain Name System resource records.


The donation allows the implementation of the DNS Security 
standards in BIND, a publicly-available implementation of 
the Domain Name System.  RSA has also agreed to offer the same 
license to other DNS developers for a three-year period, so that
non-BIND-based DNS products can also be secured.  Virtually every
device on the Internet currently implements the existing (insecure)
DNS.  We believe the DNSsafe security engine will be embedded in a
wide variety of products, including routers and firewalls, and we 
hope that eventually Secure DNS will appear in every device on the 
Internet.


In addition, the DNS is a natural infrastructure for the publication 
of public keys for use by other protocols, such as IPSec.  Because 
DNSSEC offers only authentication and not privacy, implementations 
will be available to Internet users worldwide.


The cooperative agreement was reached between RSA 
President Jim Bidzos and ISC volunteer John Gilmore, a co-
founder of the Electronic Frontier Foundation and a trustee of 
the Internet Society.  The ISC would like to thank John and Jim for 
reaching this valuable agreement.  We'd also like to thank 
DARPA and Trusted Information Systems, who funded and 
built the first prototypes of DNSSEC.  John Gilmore and Paul 
Vixie are both donating their time for the implementation of 
DNSSEC in BIND.


The Internet Software Consortium is a volunteer effort 
founded by BIND developer Paul Vixie to ensure publicly 
available implementations of software that is crucial to the 
operation of the Internet Infrastructure.  Programs released in 
1996 include implementations of the Domain Name System 
(BIND), Netnews (INN), the Dynamic Host Configuration 
Protocol (DHCP), and portions of Kerberos Version 5.0. The 
Internet Software Consortium is funded by contributions from 
industry and individuals, including major support in 1997 
from Usenix and Network Solutions, Inc.  Information about 
the ISC is available at http://www.isc.org.


We anticipate availability of BIND with DNSsafe by the end 
of this year as beta software.  We will provide a meeting in
conjunction with the December IETF to brief developers and
network operators on the implications of this software.  We will 
also be present at other forums, such as RIPE in Europe to answer 
questions.  Please check our web site for status reports on the 
development efforts.


RSA Data Security, Inc., a wholly owned subsidiary of 
Security Dynamics Technologies, Inc., develops and markets 
platform-independent developer's kits and end-user products 
and provides comprehensive cryptographic consulting services. 
Founded in 1982 by the inventors of the RSA Public Key Cryptosystem, 
the company is headquartered in Redwood City, Calif.  Details
of the RSA announcement are available at http://www.rsa.com/
on the web.


-30-










**************************************************
"Photons have neither morals or visas"  --  Dave Farber 1996
**************************************************


  By Date           By Thread  

Current thread:
  • IP: Secure DNS Implementation in BIND David Farber (Oct 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault