A Python Library for Authenticating Keys using DNS. This library was written by Iain Learmonth and Sathyanarayanan Gunasekaran at the Kings of Code Hack Battle 2014 with the support of Versign.

The library provides functions to retrieve and validate fingerprints for the following crypto systems:

DNSSEC validation information is passed to the application to allow for the application to make trust decisions based on the user's preferences instead of hard-coding trust decisions.


Future versions will include support for (in no particular order):



dnskeys was presented at the ICANN DNSSEC Workshop at ICANN 50 in London on the 25th June 2014. The slides used are available here.

The Next Web 2014

dnskeys was presented at The Next Web conference in Amsterdam on the 24th April 2014. The slides used are available here.


For more information, contact Iain Learmonth.

Copyright © 2014 Iain R. Learmonth and contributors.

The research described here is supported by the award made by the RCUK Digital Economy programme to the dot.rural Digital Economy Hub; award reference: EP/G066051/1.

The research has also received support from Versign Labs and NLNet Labs.