OpenDNSSEC was created as an open-source turn-key solution for DNSSEC. It secures zone data just before it is published in an authoritative name server.
This is the developers wiki, more info about OpenDNSSEC on http://www.opendnssec.org
We will be supplying source code for Unix, which should also build on Windows with CygWin. We will not be supplying packages, but are welcoming package builders that are motivated to build and maintain packages for our source code releases.
The following are the deliverables from the project:
- OpenDNSSEC: The OpenDNSSEC implementation, expected to run on top of a PKCS #11 implementation, like an HSM.
- SoftHSM : A software-only implementation of an HSM, made available through the industry standard PKCS #11 interface. This software is compatible with the DNSSEC Signer.
- HSM market selection: A comparison between a number of HSM devices. This is intended to give a rough idea about the kinds of devices available on the market, in terms of speed, price, configuration.
What is the progress of OpenDNSSEC development?
Please visit the following resources for more details about development:
- The project plan for OpenDNSSEC
- The user's mailing list
- The developer's mailing list (only open for developers)
- In-person and phone meeting notes
Who are involved in OpenDNSSEC?
OpenDNSSEC development is developed by the following parties:
- NLnet Labs as DNS code experts
- .SE, (The Internet Infrastructure Foundation), the .SE registry
- Nominet, the .UK registry
- SURFnet, representing Dutch universities and high schools
- Kirei AB
- John A Dickinson
- SIDN
