IANIX adopts DNSCurve

Date: January 23, 2012

IANIX is happy to announce the adoption of DNSCurve, part of the larger CurveCP project — one of the most exciting technologies in years. For an introduction to DNSCurve and CurveCP, see the above links or the following presentation from Dan Bernstein at 27C3, "High-speed high-security cryptography: encrypting and authenticating the whole Internet."

To enable DNSCurve protection in the resolver, use dnscache with Matthew Dempsky's DNSCurve patch. Alternatively, OpenDNS supports DNSCurve and has released DNSCrypt for its 30 million users. Otherwise, contact your vendor or ISP and ask them to support DNSCurve.

To enable DNSCurve protection on an authoritative server, one can use the CurveDNS forwarder with the following CurveDNS chroot patch in front of an existing setup. Using a forwarder allows an administrator to continue using the original DNS server software.

IANIX intends to deploy DNSCurve and CurveCP wherever appropriate.