[Opendnssec-announce] OpenDNSSEC 1.0.0rc3

Rickard Bellgrim rickard.bellgrim at iis.se
Tue Jan 26 08:21:39 UTC 2010

Version 1.0.0rc3 of OpenDNSSEC has now been released. This should be the last release candidate before 1.0.0.


    * ods-ksmutil: The ksk-roll command did not handle its options correctly
    * Auditor: Configured zone SOA TTL now used to track pre-published keys, rather than the unsigned zone SOA TTL.
    * Enforcer: There was a flaw in the implementation of the timing code (it  follows an earlier version of the draft and at one point does not add on the safety margin).
    * Enforcer: MySQL memory leaks fixed.
    * Signer Engine: When changing policy or rollover a key, the old signed zone was not found, so always resulting in a fresh resign.
    * Signer Engine: RRsets with varying TTLs on the records where considered different RRsets, the signer engine now eqaulizes those TTLs.


    * A code review was performed by members of the project group. No serious problem was found. The code review resulted in some polishing of the code.
    * Dnsruby-1.42 is now required, it fixes issues with TXT and NAPTR record parsing.
    * ldns 1.6.4 is now required.
    * Known issues has been moved from NEWS to KNOWN_ISSUES.

Download the tarball from: http://www.opendnssec.org/files/source/opendnssec-1.0.0rc3.tar.gz

// OpenDNSSEC team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 475 bytes
Desc: not available
URL: <http://lists.opendnssec.org/pipermail/opendnssec-announce/attachments/20100126/e9219e60/attachment.bin>

More information about the Opendnssec-announce mailing list