DNS security extensions now available for Debian's zone entries
May 12th, 2011
The Debian Project is pleased to announce that its domains debian.org and debian.net are now secured by the DNS Security Extensions (DNSSEC). The corresponding DNS records have recently been added in the .net and .org zones.
This enables users with security aware DNS resolvers to securely
retrieve information from the domain name system such as IP addresses,
or for those who have shell accounts on debian.org machines, SSH host key
fingerprints. Any tampering with DNS replies would be detected by a user's
resolver,
says Peter Palfrader, member of Debian's System Administrator
Team. DNSSEC is an important step in securing the Internet's name
resolution infrastructure.
To our knowledge, Debian is the first large Linux distribution who has
secured its zones using DNSSEC with a valid trust chain from the IANA root zone
says Peter.
Usage of Domain Name Security Extensions
Probably the easiest way to use DNSSEC is the usage of the unbound package as resolver. Please see wiki page for details on how to use unbound and DNSSEC.
About Debian
The Debian Project was founded in 1993 by Ian Murdock to be a truly
free community project. Since then the project has grown to be one of
the largest and most influential open source projects. Thousands of
volunteers from all over the world work together to create and
maintain Debian software. Available in 70 languages, and
supporting a huge range of computer types, Debian calls itself the
universal operating system
.
Contact Information
For further information, please visit the Debian web pages at https://www.debian.org/ or send mail to <press@debian.org>.