DNSCurve Status Update

blblack

Jun 16, 2010, 9:05:31 PM
to gdnsd

Work continues on gdnsd's DNSCurve branch. The code is now basically
feature-complete. Since the original announcement, the following
DNSCurve features have been added:
* Listen addresses can now be configured with a subset of the global
list of DNSCurve keys
* Configurable per-key nonce separation for sharing keys between
servers (and proper internal nonce separation between socket threads)
* A tunable shared-key cache, which caches precomputed shared
secrets between the server and the clients

Since the previous announcement, the config file format and the way
that DNSCurve keys are stated within it have both changed. "perldoc
docs/gdnsd.config.pod" (or "man gdnsd.config" after installation) has
the details/examples.

The public test servers are still running the latest rev of branches/
dnscurve and serving DNS for the following four domains:

http://gdnsd.net
http://dnscurv.es
http://curvecheck.net
http://dtmf.com

More info and various helpful links are included at those links
(they're all aliases in terms of content).

mdempsky's python-based "dnsq.py" client seems to still interoperate
with gdnsd fine (although it gives gdnsd horrid cache hit rates since
it generates a random public key on every invocation), as do OpenDNS's
public DNSCurve-enabled caches (you can use their CacheCheck to force
it to query the test domains above and watch the stats move in the
servers' HTTP stats output, and they do seem to use public keys that
persist for a while).

As soon as I sort out the build issues (I'll probably end up bundling
the nacl source and having an autoconf flag to disable it if necc on
any platforms it doesn't build on (for that matter, I don't think nacl
can cross-compile either)), I'll make a tarball snapshot available for
wider testing (so you don't need to do svn checkouts and install Ragel
and all that).

-- Brandon
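
The per-key nonce separation listed among the new features, sketched as an added example that is not part of the original post and not gdnsd's own code: servers that share one DNSCurve key must never emit the same nonce, so each one draws from a disjoint slice of the 12-byte server nonce extension. The 2-byte server id / 2-byte thread id / 8-byte counter layout and all names here are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define NONCE_EXT_LEN 12 /* DNSCurve server nonce extension is 12 bytes */

/* Assumed layout: server id (2) | thread id (2) | counter (8), big-endian.
 * The counter's start value must never repeat across restarts; here the
 * caller supplies it (constructed values below). */
typedef struct { uint16_t server_id, thread_id; uint64_t counter; } nonce_gen;

static void put_be(uint8_t *out, uint64_t v, int n) {
    for (int i = n - 1; i >= 0; i--) { out[i] = (uint8_t)(v & 0xff); v >>= 8; }
}

/* Emit the next extension; -1 when the counter is exhausted (never wrap). */
int nonce_next(nonce_gen *g, uint8_t out[NONCE_EXT_LEN]) {
    if (g->counter == UINT64_MAX) return -1;
    put_be(out, g->server_id, 2);
    put_be(out + 2, g->thread_id, 2);
    put_be(out + 4, g->counter++, 8);
    return 0;
}

/* Count repeated nonces when n generators each emit `rounds` values (max 64). */
int count_collisions(nonce_gen *g, int n, int rounds) {
    uint8_t seen[64][NONCE_EXT_LEN];
    int used = 0, dups = 0;
    for (int r = 0; r < rounds; r++)
        for (int i = 0; i < n && used < 64; i++) {
            if (nonce_next(&g[i], seen[used]) != 0) return -1;
            for (int j = 0; j < used; j++)
                if (memcmp(seen[j], seen[used], NONCE_EXT_LEN) == 0) dups++;
            used++;
        }
    return dups;
}

int separated_collisions(void) { /* 2 servers x 2 threads, distinct ids */
    nonce_gen g[4] = { {1, 0, 100}, {1, 1, 100}, {2, 0, 100}, {2, 1, 100} };
    return count_collisions(g, 4, 8);
}

int shared_id_collisions(void) { /* misconfiguration: both servers use id 1 */
    nonce_gen g[2] = { {1, 0, 100}, {1, 0, 100} };
    return count_collisions(g, 2, 8);
}

int main(void) { printf("%d %d\n", separated_collisions(), shared_id_collisions()); return 0; }
```

Distinct (server, thread) prefixes give zero repeats even though every counter starts at the same value, while two servers configured with the same id repeat a nonce on every response.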