OpenDNSSEC 1.4.0rc2

Version 1.4.0rc2 of OpenDNSSEC has now been released. This version is recommended for testing only, not for use in production environments.


  • OPENDNSSEC-350: Signer Engine: Better log message when IXFR is not ready for reading.
  • OPENDNSSEC-367: ods-ksmutil: Require user confirmation if the algorithm for a key is changed in a policy (as this rollover is not handled cleanly)


  • SUPPORT-44: Signer Engine: Drop privileges after binding to socket [OPENDNSSEC-364].
  • Signer Engine: XFR not ready should not be a fatal status for task read (thanks Ville Mattila).
  • OPENDNSSEC-365: Enforcer: Nasty bug where KSKs could get prematurely retired.





Comments are closed.