[MaraDNS list] MaraDNS now has funding

JFC Morfin jefsey at jefsey.com
Sun Apr 1 21:36:31 EDT 2012 

At 02:17 02/04/2012, Sam Trenholme wrote:
>MaraDNS now has funding
>I am very pleased to let the community of MaraDNS users know that I
>have gotten a $1,048,576 USD grant from an anonymous donor. In light
>of this, I will be able to implement some features I have been meaning
>to implement in MaraDNS.

BRAVO !!!!

Technologically geat, ethically a justice for you and your family.

jfc

----

PS. It would be great if you documented hooks that would permit to 
plug modules to support:

- requests massaging (for example to support language conversion, 
variants, punycode)
- CLASSes provided the request includes the CLASS to use.

May be the code could be made reentrant (so support of classes would 
only be to reenter the same code with a different class?)


jfc



>== DNSSEC and DNSCurve ==
>
>First of all, this funding will give me a chance to fully implement
>DNSSEC and DNSCurve. Due to the amount of code that needs to be
>written, I will hire Dan Kaminsky to help me implement the DNSSEC
>code, as well has contracting Daniel J. Bernstein to write the
>DNSCurve code.
>
>The code will be in separate modules and I hope it will be possible to
>compile MaraDNS and Deadwood with both DNSSEC and DNSCurve support at
>the same time; this is a logistical issue we will work out.
>
>== Random number generator ==
>
>In addition to contracting Daniel J. Bernstein to write the DNSCurve
>code, I will also bring in Guido Bertoni, Joan Daemen, Michael
>Peeters, and Gilles Van Assche who will work with Bernstein in
>implementing a high-speed cryptographic block cipher with a 1024-bit
>block size on 32-bit platforms, a 2048-bit block size on 64-bit
>platforms, a 4096-bit block size on 128-bit platforms, as well as a
>1152-bit block size on 36-bit platforms for our substantial number of
>users who run MaraDNS and Deadwood on PDP-10s.
>
>This block cipher primitive will be used in a sponge mode of operation
>as a pseudo-random number generator for Deadwood.
>
>We will also research making a hash compression primitive for 32-bit,
>36-bit, 64-bit, and 128-bit platforms which is both very fast and
>cryptographically secure from collisions as long as our attacker
>doesn't know the primitive's randomly generated secret number.
>
>== Other plans ==
>
>I was hoping to be able to implement a 20nm 128-bit version of the
>6502 processor with memory management and protected mode, as well as a
>series of op codes to make processing DNS packets faster (such as
>FINDDNSLABEL). Unfortunately, my anonymous donor will not give me the
>$5 billion grant needed to implement this processor until our team
>successfully implements DNSSEC, DNSCurve, as well as the
>large-block-size cipher, not to mention the secure hash compressor.
>
>This should all be done within a year, and I will then be able to get
>a larger grant. I will let people know what that grant will let us do
>a year from today, on Monday, April 1, 2013.

More information about the list mailing list