Welcome to OpenDNSSEC

The OpenDNSSEC project announces the development of Open Source software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

The latest news about OpenDNSSEC can be found below!

OpenDNSSEC 1.3.14

Version 1.3.14 of OpenDNSSEC has now been released:

Updates:

  • OPENDNSSEC-367: ods-ksmutil: Require user confirmation if the algorithm for  a key is changed in a policy (as this rollover is not handled cleanly)
  • OPENDNSSEC-91: Make the keytype flag required when rolling keys
  • OPENDNSSEC-403: Signer Engine: new command ‘ods-signer locks’ that shows  locking information (for debugging purposes).

Bugfixes:

  • OPENDNSSEC-247: Signer Engine: TTL on NSEC3 was not updated on SOA  Minimum change.
  • OPENDNSSEC-396: Use TTLs from kasp when generating DNSKEY and DS records for  output.
  • OPENDNSSEC-398: The ods-ksmutil key rollover command does not work correctly  when rolling all keys using the –policy option
  • SUPPORT-40: Signer Engine: Keep occluded data in signed zone files/transfers.

Documentation:

Download:

 

OpenDNSSEC 1.4.0

Version 1.4.0 of OpenDNSSEC has now been released.  This is the latest stable release.

Updates since 1.4.0rc3:

Documentation:

Download:

OpenDNSSEC 1.4.0rc3

Version 1.4.0rc3 of OpenDNSSEC has now been released. This version is recommended for testing only, not for use in production environments.

Updates:

  • Further testing of OPENDNSSEC-387 completed, release returned to rc status.

Documentation:

Download: