Umbhali we-Trust-DNS iseva ye-DNS ubhengeze ukutshintshwa kweprojekthi kwi-Hickory DNS. Isizathu sokutshintsha igama ngumnqweno wokwenza iprojekthi ibe nomtsalane ngakumbi kubasebenzisi, abaphuhlisi kunye nabaxhasi, ukunqanda ukugqithelana kukhangelo ngembono ethi "I-DNS ethembekileyo", kunye nokubhalisa uphawu kunye nokukhusela uphawu oluhambelana ne iprojekthi (igama le-Trust-DNS liza kuba yingxaki ukulisebenzisa njengophawu lwentengiso, kuba yenziwe ngokusuka kumagama aqhelekileyo angenakuthathwa njengeyodwa).
Ekuqaleni, iprojekthi iphuhliswe njengovavanyo lokudala amacandelo enkqubo ngolwimi lweprogram olubonelela ngezixhobo zokusebenza ngokukhuselekileyo ngememori, kodwa izicwangciso zangoku zibandakanya ukuyijika ibe yimveliso epheleleyo. Uphuhliso lomncedisi we-Hickory DNS luya kuqhutywa phantsi kwentlangano ye-ISRG (iQela loPhando loKhuseleko lwe-Intanethi), ongumseki weprojekthi ye-Let Encrypt kwaye ikhuthaze uphuhliso lwetekhnoloji ukwandisa ukhuseleko lwe-Intanethi (umzekelo. , phantsi kwe-ISRG, ukuphunyezwa kwe-sudo kunye nemodyuli ye-TLS ye-Apache http umncedisi iyaphuhliswa, iseva ye-NTP kunye ne-AV1 idekhoda, ebhalwe kwi-Rust).
Emva kokutshintshwa kwegama, le projekthi iza kususwa kwindawo yokugcina idatha yombhali yeGitHub iye kwindawo yokugcina idatha phantsi kombutho owahlukileyo, iHickory DNS, eya kwenza kube lula ukuthatha inxaxheba kwabaphuhlisi kunye nabagcini bedatha kuluntu. Iiphakheji zekreyithi i-trust-dns-resolver kunye ne-trust-dns-proto ziza kuphinda zibizwe ngokuba yi-hickory-resolver kunye ne-hickory-proto, kwaye eyona nto iphambili umncedisi iza kuhanjiswa kwiphakheji ye-hickory-dns. Kwiindlela zazo zangoku, iiphakheji ze-trust-dns-resolver kunye ne-trust-dns-proto zikhutshelwe izihlandlo ezili-19 lezigidi kunye nama-20 ezigidi ngokulandelelana kwi-Crates.io. Utyalo-mali oluvela kwi-ISRG kulindeleke ukuba lwandise ukusetyenziswa kweseva ye-DNS kwaye lwenze kube lula ngakumbi ukusasazwa kwemveliso.
I-Hickory DNS ibandakanya amacandelo okubonelela ngeseva ye-DNS enegunya, umxhasi we-DNS, umxazululi wendawo, kunye neseva ye-DNS ephindaphindiweyo. Ikwabandakanya amathala eencwadi ngokuphunyezwa kweeprothokholi ezikwinqanaba elisezantsi. Iprojekthi ixhasa i-DNSSEC, i-DoT (i-DNS phezu kwe-TLS), i-DoH (i-DNS phezu kwe-HTTPS), i-DoQ (i-DNS phezu kwe-QUIC), i-mDNS (i-Multicast DNS), i-DNS-SD (UFundo lweNkonzo), i-ANAME, uhlaziyo lwerekhodi oluguquguqukayo, CSYNC (Umntwana- ukuya ku-Ungqamaniso lwaBazali), iDANE (i-DNS-Isekwe kuQinisekiso lwamaQumrhu aQiweyo), i-DNSKEY, i-CAA (uGunyaziso lweSiqinisekiso). Inkxaso yeklasi ye-IN-ADDR.ARPA, ukudluliselwa kwendawo eyongeziweyo, ukuthumela izaziso kwiiseva zesibini malunga nokuhlaziywa kwendawo, i-DNS ethembekileyo kunye ne-S/MIME ikwinkqubo yokuphunyezwa okanye ayikakalungi. Ikhowudi yeprojekthi ibhalwe kwi-Rust kwaye ihanjiswa phantsi kwe-MIT kunye neelayisensi ze-Apache 2.0.
Kwixesha elizayo, iHickory DNS icetyelwe ukusetyenziswa kwiziseko zophuhliso ze-Let's Encrypt. Ngaphambi kokuba iphunyezwe, kuya kwenziwa uhlolo lokhuseleko, ukuphuculwa kokusebenza kuya kwenziwa, kwaye kuya kunikwa inkxaso yemibuzo ephindaphindwayo ngokupheleleyo kunye nokuqinisekiswa kwayo nge-DNSSEC. Izicwangciso ziquka inkxaso ye-NSEC3, imigaqo-nkqubo yokugcina idatha kwiintlobo ezahlukeneyo zeerekhodi ze-DNS, ukulinganisela umthwalo, kunye nokufakwa kuluhlu olumhlophe. Iidilesi ze-IP kwiinxibelelwano ezingenayo.
umthombo: opennet.ru
