[Opendnssec-announce] OpenDNSSEC 1.2.0rc3
rickard.bellgrim at iis.se
Tue Dec 28 10:46:32 UTC 2010
Version 1.2.0rc3 of OpenDNSSEC has now been released.
* Moved migration instructions to the file MIGRATION
* Bugreport #199: The previous DB schema change made the zone removal broken.
* Enforcer: When retiring old KSK, use TTL(ds) and not TTL(ksk).
* Enforcer: Minimize the set of DS RRs sent to DelegationSignerSubmitCommand.
* Enforcer: Replace tab with a space character in the DNSKEY printed to syslog.
* Enforcer: Fixed pontential format string bug.
* ods-ksmutil: Log to syslog when ds-seen changes a key to active/standby.
* Signer Engine: Don’t be smart with RRSIG TTLs, the hsm will set them for you.
* Signer Engine: Set notify command for zone when receiving ods-signer update.
* Signer Engine: Update TTL of NSEC(3) records if SOA Minimum has changed in KASP.
* Signer Engine: Now logs to the correct facility.
* Signer Engine: Also remove NSEC records when detecting changes in signconf <Denial>
* Signer Engine: Dropped privileges before starting Zonefetcher.
* This release does not build on Solaris, but will be fixed.
Download the tarball from: http://www.opendnssec.org/files/source/opendnssec-1.2.0rc3.tar.gz
// OpenDNSSEC team
More information about the Opendnssec-announce