Menu
▾
▴
Re: DNSSEC
|
From: Brian W. <bwe...@xb...> - 2010-11-23 17:42:09
|
On Nov 23, 2010, at 1:50 AM, mod63 wrote: > Brian Wellington wrote: >> >> >> On Nov 22, 2010, at 5:04 AM, mod63 wrote: >> >>> >>> Hi there, >>> >>> I’m currently working on a project that requires DNSSEC, the current >>> situation is basically that I get a request from a client and based on >>> that >>> I generate a response i.e. Message object and send it of to the client, >>> very >>> basic stuff, the problem is I need to add DNSSEC to that, and that’s >>> where >>> I’m currently stuck. >>> >>> I couldn’t find any good resources about the subject and the explanation >>> in >>> the dnsjava documentation wasn’t adequate >>> >>> Any help would be appreciated; I need to resolve this problem as quickly >>> as >>> possible. >> >> If you want to write a DNSSEC-compliant name server, there is no resource >> better than the DNSSEC RFCs. There are a whole lot of them, but the >> important ones are probably 4034 and 4035. >> >> You're not going to find much in the dnsjava documentation, as dnsjava >> doesn't include a DNSSEC-compliant name server. I think the library is >> complete enough that one could be written, but it definitely would not be >> trivial, and would likely take a considerable amount of time. > > Thank you for the fast reply. > > The javadns documentation for version 2.1.0 contains additional methods not > mentions in the online documentation such as the DNSSEC.sign() method which > returns a RRSIGRecord, could you please clarify this, whats the state of the > implementation?can it be used or modified? The online documentation was outdated; I just updated it to point at the current release. The implementation is complete (to the best of my knowledge), but as David said, the implementation only contains the low-level routines needed to build an authoritative server with DNSSEC support. Brian |
