Bug#542667: ITP: opendnssec -- complete DNSSEC zone signing system
Package: wnpp
Severity: wishlist
Owner: "Ondřej Surý" <ondrej@debian.org>
* Package name : opendnssec
Version : 1.0a2
Upstream Author : Roy Arends, Rickard Bondesson, Alex Dalitz, John A. Dickinson, Jelte Jansen, Sion Lloyd, Matthijs Mekking, Stephen Morris, Jakob Schlyter, Patrik Wallström
* URL : http://www.opendnssec.org/
* License : BSD
Programming Lang: C, Ruby
Description : complete DNSSEC zone signing system
OpenDNSSEC takes in unsigned zones, adds the signatures and other records
for DNSSEC and passes it on to the authoritative name servers for that
zone.
.
DNS is complicated, and so is digital signing; their combination in DNSSEC
is of course complex as well. The idea of OpenDNSSEC is to handle such
difficulties, to relieve the administrator of them after a one-time effort
for setting it up.
.
The storage of keys is done through a PKCS #11 standard interface. To
deploy OpenDNSSEC, an implementation of this interface is needed, for
example a software library, an HSM or perhaps a simpler token.
Reply to: