On 12/08/2011 01:09 PM, jd.cypherpunks wrote:
David Ulevitch is rolling out OpenDNS http://david.ulevitch.com/
What do you think?
I assume you're talking about their new DNSCrypt application.
They seem to be saying it's an implementation of DJB's DNSCurve protocol.
https://twitter.com/#!/davidu/status/144213491736248320
Some source code is here.
https://github.com/opendns/dnscrypt-proxy
AFAICT this is for a proxy to (guess who) OpenDNS only at this point.
I don't know if they're planning to release code for the resolver side.
It may be intended for use with OpenDNS only.
The code is pretty clean looking, to the point of being sterile. No
author attribution or even source code comments.
I haven't come across any protocol documentation. It looks pretty
simple, mostly just encrypting the DNS packets as messages with NaCL
cryptobox http://nacl.cr.yp.to/box.html .
Of course, the details matter and I haven't looked into it thoroughly.
- Marsh
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
