OpenDNSSEC 1.0.0b2

The second beta-version of OpenDNSSEC has been released.

The following things are new for this release:

  • Added experimental support for RSA/SHA256 and RSA/SHA512 to KASP enforcer and the signer engine.
  • SignerThreads and KeygenInterval has been deprecated (actually removed just before 1.0.0b1).
  • Added support for RSA/SHA256 and RSA/SHA512 to libhsm. No API changes.


  • Bugreport #33 (#35): Output a signed zone if only the SOA record changed.
  • Zone fetcher did not start correctly
  • Create the pid / socket directory if it not yet exists, with the correct privileges.
  • Signer Engine now catches exception if running with incorrect permission.
  • TCP-support for LDNS on Solaris is fixed in LDNS trunk.

Known issues:

  • LDNS is having problem with SRV records. The main effect is that these records are given non-valid RRSIGs. This is still under investigation.

Download the tarball from: opendnssec-1.0.0b2.tar.gz

Comments are closed.