Version 1.2.0b1 of OpenDNSSEC has now been released.

News:

• A new signer engine, written in c. Zones are maintained in memory, instead of in files on disk.
• Removed the python and python-4suite-xml dependencies.
• Remove separate autoconf for libhsm/conf/enforcer.
• Add option to disable building the signer.
• Signer logs statistics just after outputting a new signed zone.
• libhsm will skip processing (and not create) any public keys if the per repository option <SkipPublicKey/> is set.
• Keysharing improved – keys can now exist in different states on each zone that the key is in use for.
• Backup prepare/commit/rollback added for 2-step backups without taking the enforcer offline.
• Standby keys are now optional (default to 0) and should be considered experimental.

Bugfixes:

• Fix semantics of refresh value in Signer Engine.
• Auditor handles chains of empty nonterminals correctly.
• Recalculate salt immediately if the saltlength is changed.
• libhsm connected to slot 0 if the token label was not found. An error is now returned instead of connecting to the slot.
• Bugreport #102: Removed the obsoleted python-4suite-xml dependency.
• Fixed Known Issue: KSK rollover requires manual timing.
• Fixed Known Issue: Key rollover and reuse of signatures.
• Fixed Known Issue: Issue with sharing keys and adding zones.
• Fixed Known Issue: Quicksorter does not allow certain owner name. (Quicksorter is removed, signer now reads and sorts the zone).

Known issue:

• Auditor cannot verify zone containing RP or DNAME RR. Fixed in dnsruby trunk. Will be included in dnsruby v1.51

Download the source from our repository:
svn co http://svn.opendnssec.org/tags/OpenDNSSEC-1.2.0b1/
cd OpenDNSSEC-1.2.0b1/
sh autogen.sh
./configure
make
make install

This entry was posted on Monday, October 18th, 2010 at 16:40 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.