Home_greyopenFATE - openSUSE feature tracking > #310516
Dashboard | Search | Sign up | Login

Please login or register to be able to edit or vote this feature.


Feature state

Evaluation By Projectmanager


With the root zone now being signed, DNSSEC is finally seeing adoption. It would be really nice for YaST to be able to generate a signed zone.


icons/user_comment.png P. B. wrote: (7 years ago)

This is actually a couple of requests rolled into one. I didn't realize that when I initially entered it.

1) Enable DNSSEC validation in the default BIND configuration
- Add root zone key to the default configuration

2) Enable easy creation of signed zones

3) Optionally add support in applications (e.g. Firefox) for displaying status

The business case revolves around providing a modern security aware distribution. Until June of 2010, DNSSEC was not deployed widely, but with the root zone signed, almost all TLDs have either rolled out DNSSEC or announced plans to do so within approximately one year. I expect to see customers requesting this once .com signs their zone.

icons/user_comment.png K. K. wrote: (7 years ago)

I proposed to look at this idea into GSOC ideas wiki page. We are looking for mentors so if anyone wants to help, please add your name in the wiki page (http://en.opensuse.org/openSUSE:GSOC_2011_Ideas )

icons/user_comment.png P. S. wrote: (3 years ago)

That feature would be nice. I can package the software and maybe helping including this in yast. Sounds like a good project regarding DNS spoofing news.

icons/user_comment.png M. M. wrote: (3 years ago)

Please feel free to do so!

Last change: 3 years ago
Score: 4
  • Negative: 1
  • Neutral: 0
  • Positive: 5
Feature Export
Application-xmlXML   Text-x-logPlaintext   PrinterPrint