DNSSEC - Software Integration

BIND (Berkeley Internet Name Daemon) is a widely used, free implementation of the Domain Name System for Unix and Windows NT. It provides a server, a client library, and several utility programs. It is estimated to be the DNS software in use in over 90% of the hosts on the Internet. The BIND software is maintained by the Internet Software Consortium. You can download a current copy of BIND from their web site.

DARPA, the Defense Advanced Projects Research Agency, realized that the Internet infrastructure needed some work before it could be relied upon even when under active attack. Their Information Technology Office funded a mid-'90s Information Survivability program to work on the issues. Work is still continuing (as of 1997-1998) under their High Confidence Networking project.

Trusted Information Systems' Internet Infrastructure Protection program is one of their contractors. One TIS sub-project is the DNS Security effort. They have produced several prototype implementations of Secure DNS, which are available from their DNS Security Download Site.

John Gilmore is integrating their prototypes into the standard BIND releases.


Next page: Generating Keys ; Up: Domain Name System Security home page