Speaker
Prashanth Suvarna
(Cisco Systems/OpenDNS)
Description
This presentation will focus on our journey towards building a FedRAMP version of OpenDNS/Cisco Umbrella resolver, all the challenges we encountered along the way and the strategy we took to overcome them.
Agenda:
- Our experiences (struggles) with moving to OpenSSL3 and using the FIPS provider within it.
- How we support both commercial (openssl 1.1.1) and FedRAMP (openssl 3) resolvers from the same codebase
- What does FIPS means for DNSSEC?
- What does FIPS means for DoH, DoT and DNSCrypt?
- Restrictions imposed by the environment we have to operate in.
Primary author
Prashanth Suvarna
(Cisco Systems/OpenDNS)
Co-author
Brian Somers
(OpenDNS/Cisco)