Thu 19 Nov 2015  

DNSSEC for Legacy Applications

Slides:

  180-DNSSEC-for-Legacy-Applications.pdf
Event:
  DNS-WG @ RIPE71

Willem Toorop  18

  Video

Validating stub resolvers are hampered by middle boxes (typically CPE) that corrupt the path from the stub to the recursive resolver. Using the getdns library and the Linux/Unix name resolution framework, libnss_getdns provides (stub-level) DNSSEC validation for legacy applications. This module can work around broken middle boxes by double checking bogus answers. It also offers in-path signalling of DNSSEC failure for http, informing the end-user why validation failed and giving them control of deciding how to deal with that.

Other by Willem Toorop

  Living on the Edge
  Sun 04 Feb 2018
  DNS devroom @ FOSDEM'18
  Willem Toorop   end-2-endness
Greatly needed stub resolver capabilities for applications and systems with the getdns library
  Hands on getdns
  Thu 06 Jul 2017
  JCSA17
  Sara Dickinson   Willem Toorop
Tutorial at the JCSA17 in Paris
  The Importance of Being an Earnest stub
  Mon 15 May 2017
  DNS-OARC26
  Willem Toorop   DNS Privacy   Stubby   end-2-endness
Presentation at the DNS-OARC26 in Madrid
  The Usability Challenge for DNS Privacy and End Users
  Sun 26 Feb 2017
  NDSS2017
  Sara Dickinson   Willem Toorop   Allison Mankin   DNS Privacy   Stubby
The usability challenges for Stubby, presented at the NDSS2017
  How to get a trustworthy DNS Privacy enabling recursive resolver
  Sun 26 Feb 2017
  NDSS2017
  Willem Toorop   Benno Overeinder   Melinda Shore   DNS Privacy
Analysis of authentication mechanisms for DNS Privacy enabling recursive resolvers, presented at the NDSS2017
  Stubby
  Wed 19 Oct 2016
  NANOG68
  Willem Toorop   Stubby
Introducting Stubby at the NANOG68 in Dallas
  IETF95 Hackathon results
  Sun 03 Apr 2016
  Hackathon @ IETF95
  Dan York   Allison Mankin   Shumon Huque   Willem Toorop   Hackathon
Overview of the DNS hackathon projects at the IETF95
  How we are developing a next generation DNS API for applications
  Thu 31 Mar 2016
  DNS-OARC24
  Sara Dickinson   Willem Toorop
Presentation at the DNS-OARC24 in Buenos Aires
  getdns - A new stub resolver
  Sun 13 Sep 2015
  vBSDcon 2015
  Willem Toorop
Very complete overview presentation at te vBSDcon 2015 in Reston
  getdns API implementation
  Thu 14 May 2015
  OS-WG @ RIPE70
  Willem Toorop
Presentation in the Open Source Working Group at RIPE70 in Amsterdam
  getdns API
  Thu 26 Mar 2015
  Bits-n-Bites @ IETF92
  Sara Dickinson   Gowri Visweswaran   Willem Toorop
Poster presentation at the Bits-n-Bites of the IETF92
  DNSSEC via a New Stub Resolver
  Thu 24 Jul 2014
  OSCON2014
  Allison Mankin   Willem Toorop   Neel Goyal   Glen Wiley
Presentation at the OSCON 2014 in Portland
  getdns API implementation
  Wed 25 Jun 2014
  DNSSEC-WS @ ICANN50
  Willem Toorop
Presentation at the DNSSEC Workshop at ICANN50 in London
  getdns API implementation
  Wed 14 May 2014
  OS-WG @ RIPE68
  Willem Toorop
Lightning talk at the Open Source Working Group at RIPE 68 in Warsaw
  getdns API implementation
  Sun 11 May 2014
  DNS-OARC 2014 Spring-WS
  Willem Toorop
Presentation at the DNS-OARC Spring Workshop in Warsaw