OpenDNSSEC 1.3.16
Version 1.3.16 of OpenDNSSEC has now been released:
Updates:
- SUPPORT-72: Improve logging when failed to increment serial in case of key rollover and serial value “keep” [OPENDNSSEC-441].
- OPENDNSSEC-436: NSEC3PARAM TTL can now be optionally configured in kasp.xml. Default value remains PT0S.
- OPENDNSSEC-458: Add ‘ods-enforcerd -p <policy>’ option. This prompts the enforcer to run once and only process the specified policy and associated zones.
- OPENDNSSEC-460: ods-ksmutil: Add an option to the ‘ods-ksmutil key ds-seen’ command so the user can choose not to notify the enforcer.
- OPENDNSSEC-472: ods-ksmutil: Add option for ‘ods-ksmutil key import’ to check if there is a matching key in the repository before import.
- OPENDNSSEC-473: ods-ksmutil: Improve ‘zone add’ – Support default <input> and <output> values for DNS adapters.
Bugfixes:
- OPENDNSSEC-451: Signer Engine: Prevent CKA_ID and DNSKEY mixup by using a separate HSM context when loading signer configuration.
- OPENDNSSEC-462: Signer Engine: Duration PT0S is not printed correctly.
- ods-ksmutil: Fix typo in policy export with NSEC3 <Iterations>.
Documentation:
Download:
- opendnssec-1.3.16.tar.gz
- opendnssec-1.3.16.tar.gz.sig
- Checksum sha1: 4d81517cc99f8120f773c2af772b17eb5714f793
- Checksum sha256: fa0fe18757a19d6b03e27c2c76f291d61a735f14c2661725df4e569e0be1d04c
This entry was posted on Wednesday, December 4th, 2013 at 16:32 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.
Comments are closed.