[Pdns-dev] PowerDNS & DNSSEC!
Dean Anderson
dean at av8.com
Wed Jul 15 19:48:06 CEST 2009
And all these domains are ready to be used in DDoS attacks as described
to the NTIA in this letter:
http://www.ntia.doc.gov/dns/comments/comment027.pdf
The .ORG officials have refused to respond to questions about whether
they have NTIA approval to sign .ORG.
Also, my letter to the NTIA explains several vulnerabilities with
DNSSEC, including how to obtain the private signing key of the registry.
The letter also debunks the Kaminsky/Vixie DNS security vulnerability
hoax.
--Dean
On Tue, 14 Jul 2009, bert hubert wrote:
> .. http://www.powerdnssec.org ..
>
> Is signed by PowerDNS, and the delegation from .ORG is also signed. And of
> course this domain is powered by PowerDNS!
>
> (Re)Signing & re-keying is automatic, and configuration consists of a two
> step plan:
>
> 1) configure a key-repository directory in the pdns.conf.
> 2) run 'pdnssec create-keys powerdnssec.org'.
>
> (to be completely honest, right now it is a four step plan, but the last two
> steps will vanish very soon).
>
> There is a monumental amount of work left to be done, both in terms of
> core development, tools, performance, support infrastructure etc, and this
> will not happen automatically. http://www.powerdnssec.org also lists the
> things that are currently missing.
>
> Expect further announcements soon - we'll need help to make it all happen.
> The code is not yet available, but it will be if we find the help we need.
>
> But I wanted to share this exciting development earlier rather than later!
>
> Bert
>
>
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
More information about the Pdns-dev
mailing list