#DNS devroom. Because it's always DNS when it works.

#FOSDEM

We start with #Rust: last news of the domain crate.

First big user of this library is #Cascade, the #DNSSEC signer.

#FOSDEM #DNS

For #DNSSEC, the domain crate can use different crypto backends such as the ring crate or the #OpenSSL bindings. (But there are more.)

There is now a common-line tool to query the DNS, dnsi. And a CLI tool to do misc. manipulations, dnst ("people are using the ldns library example programs in production"). And a key manager, keyset.

#FOSDEM

The #DNS devroom is full. Stop trying to enter!

#FOSDEM

Now, no longer Rust, we switch to a real language, Erlang. The authoritative name server erldns at DNSimple.

#FOSDEM

A good mission statement for DNS Tapir "Breaking the bad, stopping the ugly"

#FOSDEM

DNS Tapir analyzes #DNS query data. Among the challenges, privacy, if you want to give access to these data.

Obviously, "anonymization" is a joke and so is pseudonymization. DNS Tapir aggregates instead.

https://www.dnstapir.se/

#FOSDEM

Checking software updates with the #DNS https://mastodon.gougere.fr/@DNSresolver/115995030018880844

Go has a transparency log of its software, for supply-chains security https://www.gopherwatch.org/

#FOSDEM

And this log can now be queried through #DNS https://mastodon.gougere.fr/@DNSresolver/115995045484678683

(and with #DNSSEC authentication)

Built with the excellent Go DNS library https://github.com/miekg/dns

#FOSDEM

And then on top of that, you can implement automatic software updates. No more unpatched vulnerabilities.

With a real live demo, complete with an error message (No space left on device)

#FOSDEM

"#DNS, a love affair with lovecraftian horrors"

Nice horrible font on the titles at the slides.

https://mastodon.gougere.fr/@DNSresolver/115995180261693055

#FOSDEM