Friday, November 12, 2010

Phreebird Suite 1.0

Dan Kaminsky DNSSEC Tool - Zero Configuration DNSSEC Proxy

Phreebird is a DNSSEC proxy that operates in front of an existing DNS server (BIND, Unbound, PowerDNS, Microsoft DNS, QIP) and supplements its records with DNSSEC responses.

Features of Phreebird include:

- Automatic key generation
- Realtime record signing -- no "batch signing"
- Support for arbitrary responses
- Zero configuration, even for multiple zones (all zones share the same key)
- Support for realtime generation of NSEC3 records, a.k.a. "NSEC3 White Lies"
- Caching of signed answers with a maximum bound on how large the cache can get
- Rate limiting for NSEC3 responses
- Experimental Support for "" Coarse Time over DNS
- Experimental Support for "HTTP Virtual Channel" DNS over HTTP


Slideshare: Introducing the Domain Key Infrastructure


Download Phreebird Suite 1.01

No comments: