[Pdns-dev] DNSSEC experiments, DNSSEC interest? Plus: new parser

bert hubert bert.hubert at netherlabs.nl
Sun Oct 2 22:14:08 CEST 2005

Hi everybody,

Summary: this message tells of DNSSEC developments, and will ask you about your
DNSSEC interest. Furthermore it details some technical details.

We've been looking into DNSSEC again, or DNSSEC-bis as it is called these
days. I've written a small article on how DNSSEC-bis, it is on

It appears DNSSEC support, at least in the authoritative part of PowerDNS,
is more or less doable.

We wonder though if there is any real interest so far. If you use PowerDNS,
or plan to use PowerDNS, and have DNSSEC plans, can you drop me a line? We'd
like to hear about your needs and desires.


Now for the techie bits, if you run from Subversion (see
http://wiki.powerdns.com/projects/trac/wiki/HACKING ) you can test our new
DNSSEC packet parsing abilities:

$ ./sdig 53 powerdns.se a

All packet parsing code is dnsrecords.cc. All common record types have been
ported to the new infrastructure, which is lovely.

Here for example is the entire NAPTR implementation - one of the most complex

boilerplate_conv(NAPTR, ns_t_naptr,

This serves for generating packets, parsing packets, generating zone content
(for in the database, or on disk) and parsing zone content. All from these
few lines.

If you want to become the PowerDNS contributor of the month, port the LOC
parsing code to this new infrastructure!



http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services

More information about the Pdns-dev mailing list