Subproject 7 of TeSSA: DNS implementation

Introduction

The goal of this subproject of TeSSA is to implement basic functionality of a DNS (Domain Name System) resolver on top of JaCoB (Java Conduits Beans) application framework.

In addition to basic functionality, support for SPKI certificate queries is also to be included. The created Java library can then be directly utilized in subproject 1, by querying the certificates from a DNS resolver instead of reading them from a local disk.

Goals and outlines

The goal of the subproject is to create a prototype of a Java library, which has basic functionality of a DNS resolver, as well as support for relaying SPKI certificates using the DNS. A name server, however, will not be implemented. The library will be constructed using the JaCoB application framework version 3, and the target environment is Java 2.

In many DNS implementations, communication is first attempted over UDP, and if that fails the same is tried using TCP. In this prototype only the UDP protocol is used, as a JaCoB 3 implementation of TCP is not currently available. However, it will be attempted to build the Java component in such a way that TCP backup functionality can easily be plugged in once the protocol becomes available.

The implementation will support DNS query types A, CNAME, MX, NS, PTR, SOA, TXT, and also the type CERT, which, at least not yet, is not one of the standard types.

Integration of the implemented DNS resolver and the prototype gained as a result of the subproject 1 is also one of the objectives. If this objective is accomplished, the certificates needed in making authorization and access control decisions will be queried from the DNS instead of reading them from a local disk.

Reports and results

• Prototype
• JavaDoc-documentation of the classes of the prototype
• Conduits model of the prototype (included in the thesis)
• Master's thesis: Storage and retrieval of SPKI certificates using the DNS

Links

• Drafts and RFCs related to the DNS

  Domain Administrators Operations Guide: http://andrew2.andrew.cmu.edu/rfc/rfc1033.html

  Domain Names - Concepts and Facilities: http://andrew2.andrew.cmu.edu/rfc/rfc1034.html

  Domain Names - Implementation and Specification: http://andrew2.andrew.cmu.edu/rfc/rfc1035.html

  Domain Name System Security Extensions: http://andrew2.andrew.cmu.edu/rfc/rfc2065.html

  Storing Certificates in the Domain Name System (DNS): http://www.ietf.org/internet-drafts/draft-ietf-dnssec-certs-02.txt

• JaCoB framework: http://www.tcm.hut.fi/Research/TeSSA/Jacob/jacob3.html

This page is maintained by Tero Hasu, Email: tero.hasu@hut.fi
This page has been last updated last on 15th of April 1999.
URL: http://www.tcm.hut.fi/Research/TeSSA/DNS/