Welcome to OpenDNSSEC

The OpenDNSSEC project announces the development of Open Source software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

The latest news about OpenDNSSEC can be found below!

SoftHSM 2.0.0b2

Version 2.0.0b2 of SoftHSM has been released.


  • SOFTHSM-50: OpenSSL FIPS support.
  • SOFTHSM-64: Updated build script for Windows.
  • SOFTHSM-100: Use –free with softhsm2-util to initialize the first free token.
  • SOFTHSM-103: Allow runtime configuration of log level.
  • SOFTHSM-107: Support for CKM__CBC_PAD.
  • Add support for CKM_RSA_PKCS_OAEP key un/wrapping. (Patch from Petr Spacek)
  • Use OpenSSL EVP interface for AES key wrapping. (Patch from Petr Spacek)
  • Allow reading configuration file from user’s home directory. (Patch from Nikos Mavrogiannopoulos)


  • SOFTHSM-102: C_DeriveKey() uses OBJECT_OP_GENERATE.
  • Coverity found a number of issues.



OpenDNSSEC 1.4.7

Version 1.4.7 of OpenDNSSEC has now been released.


  • SUPPORT-147: Zone updating via zone transfer can get stuck (Håvard Eidnes)
  • Crash on ‘retransfer command when not using DNS adapters.


  • https://dist.opendnssec.org/source/opendnssec-1.4.7.tar.gz
  • https://dist.opendnssec.org/source/opendnssec-1.4.7.tar.gz.sig
  • Checksum SHA256: 8f757ca9e88d6a6dc8f9b6e46a3da5e3a2881b3311fb91c428bcf906683ac41f

OpenDNSSEC project lead transferred to NLnet Labs

NLnet Labs announces that it will take full responsibility for continuing the activities of both the OpenDNSSEC softwareproject as well as the support activities of the Swedish OpenDNSSEC AB. OpenDNSSEC was created as an open source turn-key solution for DNSSEC, managing the security of domain names on the Internet. The project drives adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

After initiating the OpenDNSSEC project in cooperation with UK Internet registry Nominet, the project and development has been managed by the Swedish Internet Structure Foundation (responsible for .SE) for more than 4 years. NLnet Labs contributed strongly from the early days onwards. Working closely together, both organizations agreed upon the transition of the project ownership to NLnet Labs.

NLnet Labs and its 100% subsidiary Open Netlabs BV, will continue the development and support from August 2014 onwards. There is a strong need to move forward—as the project has picked up pace—and increase the global acceptance and implementations of OpenDNSSEC. Embedding the project, product, and support in a sustainable environment will help achieving its original objectives and providing the required added value of the OpenDNSSEC software products. In order to allocate sufficient development capacity, NLnet Labs recently opened vacancies for junior and senior software system engineers.

About NLnet Labs

The NLnet Labs Foundation (NLnet Labs for short) is a not for profit foundation founded in 1999 in the Netherlands. Its statutes define its objectives: to develop Open Source software and open standards for the benefit of the Internet. The foundation believes that the Openness of the network, as enabled by technology and policy, thrives human wellbeing and prosperity. By contributing technology and expertise in the form of Open Source Software and Open Standards, we contribute to wellbeing and prosperity for all.

About Open Netlabs

Open Netlabs is a support and consultancy company, globally supporting organisations using NLnet Labs’ open source software and assisting customers in the implementation and operations of their DNS-infrastructure. High level support and SLA’s, consultancy and training are the core of the services portfolio of Open Netlabs. Open Netlabs BV is a wholly owned, taxable subsidiary of the NLnet Labs Foundation, serving the non-profit public benefit goals of its parent. The company is guided and managed according the charter of the NLnet Labs Foundation.