OpenDNSSEC 1.2.0b1
Version 1.2.0b1 of OpenDNSSEC has now been released.
News:
- A new signer engine, written in c. Zones are maintained in memory, instead of in files on disk.
- Removed the python and python-4suite-xml dependencies.
- Remove separate autoconf for libhsm/conf/enforcer.
- Add option to disable building the signer.
- Signer logs statistics just after outputting a new signed zone.
- libhsm will skip processing (and not create) any public keys if the per repository option <SkipPublicKey/> is set.
- Keysharing improved – keys can now exist in different states on each zone that the key is in use for.
- Backup prepare/commit/rollback added for 2-step backups without taking the enforcer offline.
- Standby keys are now optional (default to 0) and should be considered experimental.
Bugfixes:
- Fix semantics of refresh value in Signer Engine.
- Auditor handles chains of empty nonterminals correctly.
- Recalculate salt immediately if the saltlength is changed.
- libhsm connected to slot 0 if the token label was not found. An error is now returned instead of connecting to the slot.
- Bugreport #102: Removed the obsoleted python-4suite-xml dependency.
- Fixed Known Issue: KSK rollover requires manual timing.
- Fixed Known Issue: Key rollover and reuse of signatures.
- Fixed Known Issue: Issue with sharing keys and adding zones.
- Fixed Known Issue: Quicksorter does not allow certain owner name. (Quicksorter is removed, signer now reads and sorts the zone).
Known issue:
- Auditor cannot verify zone containing RP or DNAME RR. Fixed in dnsruby trunk. Will be included in dnsruby v1.51
Download the source from our repository:
svn co http://svn.opendnssec.org/tags/OpenDNSSEC-1.2.0b1/
cd OpenDNSSEC-1.2.0b1/
sh autogen.sh
./configure
make
make install
This entry was posted on Monday, October 18th, 2010 at 16:40 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.
Comments are closed.