Deploy360 8 February 2012

DNSSEC-Tools 1.12.1 Released – New DNSSEC apps, updated tools, Android support, more…

By Dan YorkDirector, Internet Technology

Dnssec tools projectThe DNSSEC-Tools Project today announced the release of DNSSEC-Tools version 1.12.1 with a range of new DNSSEC applications, updates to a number of tools and porting of the DNSSEC validator library to the Android platform.

The new release can be downloaded in various forms from:

The release announcement mentions these new features and capabilities:

  • A new and improved DNSSEC-check utility with a completely re-written GUI and support for a number of platforms including Android and Harmattan (N9) devices.
  • dnssec-nodes now parses unbound log files
  • dnssec-system-tray now parses unbound log files
  • rollerd
    • Added support for phase-specific commands in rollerd. This allows the zone operator to customize processing of the rollerd utility during different rollerd phases.
    • Added support for zone groups in rollerd. This allows a collection of zones to be controlled as a group, rather each of those zones individually.
    • Improved the manner in which rollerd indexes the zones being managed, with the significantly decreased access times for rollerd’s data files. This results in rollerd being able to support a lot more zones with a single rollerd instance.
    • rollctl and the rollover GUI programs may have new commands to allow for immediate termination of rollerd.
  • New DNSSEC-capable applications
    • Added a patch to enable DNSSEC validation in Qt based applications
    • Added patch to enable local validation in NTP, with the ability to handle a specific chicken and egg problem related to the interdependency between DNSSEC and an accurate system clock.
  • Validator library:
    • The library has been ported to the Android OS
    • Added support for hard-coding validator configuration information that gets used in the absence of other configuration data. This feature allows the validator library to be self-contained in environments where setting up configuration data at specific locations in the file system is not always feasible.

It’s very cool to see these new features added and we look forward to seeing what developers build with these new capabilities!

P.S. The DNSSEC-Tools project also seems to have a brand new Twitter account, @DNSSECTools, that could use some followers! 😉

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...