[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Strategy: DNS server in main for potato?

    BIND (Berkeley Internet Name Domain) server is the thing that gives
    you answers to DNS name lookups.  It's mostly covered by the BSD
    license.  With the introduction of DNSSEC (secure DNS) it needs
    encryption, and is using RSA, which makes the latest BIND patent
    encumbered in the US.

I am guessing that DNSSEC is a standard specification, perhaps an
Internet RFC.  Is that so?

If so, the first question is, does DNSSEC provide for some other kind
of encryption as an alternative?

If yes, then we have a number of alternatives:

1. Make a version of BIND with some other encryption algorithm, and
encourage people to use it instead of the "official" version of BIND.

The people who do this can offer to cooperate with the "official"
version.  The longer the cooperation continues, the better.

2. Use DENTS (I am guessing that DENTS is a usable alternative to BIND).

Reply to: