Investigate replacing PyDNS and PyMDS with Unbound

[JeremyRand]

PyDNS and PyMDS don't seem to have undergone much review. Unbound appears to be much more actively maintained, and appears to have received much more review. Unbound also supports DNSSEC, which is a feature that we can't easily add to NMControl in its current state.

Based on looking at the Unbound documentation, it looks like we can replace PyDNS and PyMDS pretty easily. I'm willing to try this if people think it's a good idea.

--- Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/3972128-investigate-replacing-pydns-and-pymds-with-unbound?utm_campaign=plugin&utm_content=tracker%2F435873&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F435873&utm_medium=issues&utm_source=github).

[JeremyRand]

I talked to sdgathman (author of PyDNS); he said this:

[12:14] sdgathman1 Jeremy_Rand: I looks like DNSSEC support is not trivial for pydns. So go with one of the more complete DNS libraries. I hadn't heard of unbound - I have used dnspython were a complete implementation was needed.

I looked at dnspython, and found the following e-mail thread: https://groups.google.com/forum/#!topic/dnspython-dev/4ojlDt8I_L8 . Looks like dnspython doesn't have full DNSSEC support either, if I'm reading that correctly. (Can @ryancdotorg verify if I'm reading that correctly?) The DNSSEC-Validator browser extension is using Unbound; is Unbound a good option for us?

[ryancdotorg]

I remember looking into DNSSEC before and finding that neither PyDNS or dnspython had sufficient support for both signing and verifying. pydnssec might work. Adding a python plugin for unbound that provides namecoin support seems like a cool plan.