Unbound 1.5.0 released
Tue, 18 November 2014
getdns 0.1.5 beta released
Fri, 31 Oct 2014
Net::DNS 0.81 released
Wed, 29 Oct 2014
Net::DNS::SEC 0.21 released
Fri, 24 Oct 2014
NSD 4.1.0 released
Thu, 4 Sep 2014
NSD 3.2.18 released
Mon, 28 Jul 2014
Dnssec-Trigger 0.12 released
Thu, 22 May 2014
experimental package that provides DNSSEC on personal computers. Bug fixes, ip address change in default config, software update.Details
NSD 4.0.2 released
Wed, 12 Mar 2014
ldns 1.6.17 released
Fri, 10 Jan 2014
NLnet Labs Annual Report 2013
Wed, 27 MAy 2013
We are happy to present NLnet Labs Annual report 2013. In it
we present an overview of Labs' various activities and
describe their impact.
Annual Report 2013 (PDF)
Open Data Analysis to Retrieve Sensitive Information Regarding National-Centric Critical Infrastructures
Mon, 3 Feb 2014
Open Data repositories store a variety of information from country governments and private sectors. A concern is that with publishing data, sensitive information can be obtained by visual analytic techniques. The report shows that it is possible to retrieve precise locations where critical infrastructures overlap.
MSc. report (PDF)
Securing the last mile of DNS with CGA-TSIG
Tue, 8 Jan 2014
TSIG with shared keys is not scalable as a solution for the DNS last mile problem. CGA-TSIG extends TSIG with CGA so that
shared secrets are no longer required. This research investigates the CGA-TSIG proposal by doing a security analysis and
by making a PoC implementation in ldns.
MSc. report (PDF)
DNSSEC Audit Framework
Mon, 30 Dec 2013
In collaboration with SWITCH, the .CH and .LI registry, we have created a DNSSEC audit framework, that can be used to conduct a review of your or someone else's DNSSEC implementation.
NLnet Labs Strategic Plan 2014
Wed, 9 Oct 2013
This is the first time we post this type
of plan publicly. With this plan we intend to communicate
who we are and where we are going, it serves the NLnet Labs
Board and Staff but also the parties that support our
mission and want to contribute financially.
Experiences with MPTCP in an International OpenFlow Network
Tue, 3 Sep 2013
Keeping up with the network demand in order to transfer these data sets over the Internet is a challenge. Single links do not have enough capacity anymore. Therefore we need to install more interfaces in the servers and use all available paths in the network. In this paper we describe two new technologies that help to optimally use the capacity of all multiple paths simultaneously: OpenFlow and Multipath TCP (MPTCP).
TNC2013 paper (PDF)
ISC and NLnet Labs Joins Forces
Mon, 10 Nov 2014
ISC and NLnet Labs have signed an agreement to make available a combined Advance Security Notification subscription on their software products.Press release
Recent blog posts
Fri, 19 Sep 2014 by wouter
NSD 4.1: zonefile-mode and fork fix Use zone files and not nsd.db NSD 4.1 has been released and it contains a new feature where NSD does not use the nsd.db file, but uses the zonefiles directly. The feature can be turned on by configuring one line in nsd.conf, it can also be turned off by ...
Mon, 15 Sep 2014 by benno
NLnet Labs announces that it will take full responsibility for continuing the activities of both the OpenDNSSEC softwareproject as well as the support activities of the Swedish OpenDNSSEC AB. OpenDNSSEC was created as an open source turn-key solution for DNSSEC, managing the security of domain names on the Internet. The project drives adoption of Domain ...
Mon, 02 Jun 2014 by olaf
July 11 I will be leaving NLnet Labs to join the Internet Society as Chief Internet Technology Officer. During the last one-and half decade I have tried to push the needle to a more secure, resilient, and dependable Internet. For the last eight and a half years I did this at NLnet Labs by leading a ...
Thu, 01 May 2014 by wouter
Wouter Wijngaards en Olaf Kolkman Context At NLnet Labs we believe that DNSSEC allows for security innovations that will change the global security and privacy landscape. Innovations like DANE, a technology that allows people to use the global DNS to bootstrap a encrypted channel, are only the start of currently unimaginable technical innovation. The deployment ...