Debian Bug report logs - #655220
RFP: curvedns -- Forwarding implementation of the DNSCurve protocol

Package: wnpp; Maintainer for wnpp is wnpp@debian.org;

Reported by: Sergiusz Pawlowicz <debian@pawlowicz.name>

Date: Mon, 9 Jan 2012 13:33:01 UTC

Severity: wishlist

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, debian-devel@lists.debian.org, curvedns@on2it.net, wnpp@debian.org:
Bug#655220; Package wnpp. (Mon, 09 Jan 2012 13:33:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Sergiusz Pawlowicz <debian@pawlowicz.name>:
New Bug report received and forwarded. Copy sent to debian-devel@lists.debian.org, curvedns@on2it.net, wnpp@debian.org. (Mon, 09 Jan 2012 13:33:12 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Sergiusz Pawlowicz <debian@pawlowicz.name>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: ITP: curvedns -- Forwarding implementation of the DNSCurve protocol
Date: Mon, 09 Jan 2012 13:29:54 +0000
Package: wnpp
Severity: wishlist
Owner: Sergiusz Pawlowicz <debian@pawlowicz.name>

* Package name    : curvedns
  Version         : 0.87
  Upstream Author : CurveDNS developers <curvedns@on2it.net>
* URL             : http://curvedns.on2it.net/
* License         : CurveDNS (retain COPYRIGHT file, public domain)
  Programming Lang: C, C++
  Description     : Forwarding implementation of the DNSCurve protocol

CurveDNS is the first publicly released forwarding implementation that
implements the DNSCurve protocol[0].

DNSCurve uses high-speed high-security elliptic-curve cryptography to
drastically improve every dimension of DNS security:

 *   Confidentiality: DNS requests and responses today are completely
unencrypted and are broadcast to any attacker who cares to look.
DNSCurve encrypts all DNS packets.
 *   Integrity: DNS today uses "UDP source-port randomization" and "TXID
randomization" to create some speed bumps for blind attackers, but
patient attackers and sniffing attackers can easily forge DNS records.
DNSCurve cryptographically authenticates all DNS responses, eliminating
forged DNS packets.
 *   Availability: DNS today has no protection against denial of service.
A sniffing attacker can disable all of your DNS lookups by sending just
a few forged packets per second. DNSCurve very quickly recognizes and
discards forged packets, so attackers have much more trouble preventing
DNS data from getting through. Protection is also needed for SMTP, HTTP,
HTTPS, etc., but protecting DNS is the first step. 

What is so special about this implementation is the fact that any
authoritative DNS name server can act as a DNSCurve capable one, without
changing anything on your current DNS environment. The only thing a DNS
data manager (that is probably you) has to do is to install CurveDNS on
a machine, generate a keypair, and update NS type records that were
pointing towards your authoritative name server and let them point to
this machine running CurveDNS. Indeed, it is that easy to become fully
protected against almost any of the currently known DNS flaws, such as
active and passive cache poisoning.

CurveDNS supports:

 *   Forwarding of regular (non-protected) DNS packets;
 *   Unboxing of DNSCurve queries and forwarding the regular DNS packets
 *   Boxing of regular DNS responses to DNSCurve responses;
 *   Both DNSCurve’s streamlined- and TXT-format;
 *   Caching of shared secrets;
 *   Both UDP and TCP;
 *   Both IPv4 and IPv6.

[0] http://www.dnscurve.org/




Information forwarded to debian-bugs-dist@lists.debian.org, wnpp@debian.org, Sergiusz Pawlowicz <debian@pawlowicz.name>:
Bug#655220; Package wnpp. (Mon, 27 May 2013 14:19:20 GMT) Full text and rfc822 format available.

Acknowledgement sent to Lucas Nussbaum <lucas@debian.org>:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org, Sergiusz Pawlowicz <debian@pawlowicz.name>. (Mon, 27 May 2013 14:19:20 GMT) Full text and rfc822 format available.

Message #10 received at 655220@bugs.debian.org (full text, mbox):

From: Lucas Nussbaum <lucas@debian.org>
To: 655220@bugs.debian.org
Cc: control@bugs.debian.org
Subject: curvedns: changing back from ITP to RFP
Date: Mon, 27 May 2013 15:24:13 +0200
retitle 655220 RFP: curvedns -- Forwarding implementation of the DNSCurve protocol
noowner 655220
tag 655220 - pending
thanks

Hi,

This is an automatic email to change the status of curvedns back from ITP
(Intent to Package) to RFP (Request for Package), because this bug hasn't seen
any activity during the last 12 months.

If you are still interested in adopting curvedns, please send a mail to
<control@bugs.debian.org> with:

 retitle 655220 ITP: curvedns -- Forwarding implementation of the DNSCurve protocol
 owner 655220 !
 thanks

However, it is not recommended to keep ITP for a long time without acting on
the package, as it might cause other prospective maintainers to refrain from
packaging that software. It is also a good idea to document your progress on
this ITP from time to time, by mailing <655220@bugs.debian.org>.

Thank you for your interest in Debian,
-- 
Lucas, for the QA team <debian-qa@lists.debian.org>



Changed Bug title to 'RFP: curvedns -- Forwarding implementation of the DNSCurve protocol' from 'ITP: curvedns -- Forwarding implementation of the DNSCurve protocol' Request was from Lucas Nussbaum <lucas@debian.org> to control@bugs.debian.org. (Mon, 27 May 2013 14:29:24 GMT) Full text and rfc822 format available.

Removed annotation that Bug was owned by Sergiusz Pawlowicz <debian@pawlowicz.name>. Request was from Lucas Nussbaum <lucas@debian.org> to control@bugs.debian.org. (Mon, 27 May 2013 14:29:25 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 24 04:20:47 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.