[Unbound-users] unbound 1.4.6 released

Leen Besselink leen at consolejunkie.net
Tue Aug 3 21:39:54 UTC 2010

On 08/03/2010 04:59 PM, W.C.A. Wijngaards wrote:
> Hash: SHA1
> Hi Kevin,
> On 08/03/2010 03:23 PM, Kevin Chadwick wrote:
>> Is it possible to add dnscurve support to the todo list?
> It is currently at the IETF and if that standardization (and fix)
> process is done, then we can consider adding it.  Of course we also want
> a lean-and-mean validator for unbound, so no unnecessary features.  The
> IETF process can take some time and make changes to the spec, therefore
> the decision is better made at a later date.
> The root was just signed with DNSSEC, a week or so ago, so I updated the
> Howto DNSSEC on the unbound website for that earlier today.  RFC5011
> tracking of the root anchor is much easier than tracking every
> topleveldomain with cron.

How about TSIG ? I think it can be used (if an stub-resolver like ldns 
implements it) to secure 'the last mile'.


Did you also see this idea by Dan Kaminsky ? I thought it was pretty smart.

It takes part of the idea from dnscurve and combines it with DNSSEC to 
get faster/more DNSSEC deployment:


> Best regards,
>     Wouter
> Version: GnuPG v2.0.14 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
> iEYEARECAAYFAkxYLu8ACgkQkDLqNwOhpPiX4gCgoj92t/iJr1lBIwN7W1I1wQvL
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users

More information about the Unbound-users mailing list