You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
Version 1
Next »
Major enhancements
DNS Adapters
OpenDNSSEC now supports both input and output adapters for AXFR and IXFR in addition to file transfer.
PIN Storage
The HSM PIN can now be omitted from the conf.xml file and entered via the 'ods-hsmutil login' command instead for increased security.
Auditor is deprecated
The auditor is no longer supported in 1.4. This greatly reduced the dependencies of OpenDNSSEC, namely it no longer depends on Ruby. Alternative validation tools are described here.
Minor enhancements
(Some enhancements are also available in later 1.3 releases - see the 1.3 release NEWS file)
ods-ksmutil: one step 'key backup' is deprecated
The command
is deprecated - for more details see ods-ksmutil backup
ods-ksmutil/enforcer enhancements
- ods-ksmutil key list: key size, algorithm and next key state are included in output when -v flag is used
- ods-ksmutil rollover list: more information displayed on the KSKs waiting for the ds-seen command when the -v flag is used
- ods-ksmutil key generate: now displays how many keys will be generated and presents the user with the opportunity to stop the operation.
- Optionally include CKA_ID in output of the DelegationSignerSubmitCommand
Signer enhancements
Database
Versioning and Support Policy
The versioning scheme used for releases and the release maintenance policy have both been updated as of 1.4. Please see the Release Management Process for details.
Bug fixes
A full list of bug fixes and issue numbers can be found in the 1.4 release NEWS file.
Notes
The 'Multi-threaded enforcer' feature (which was available in earlier beta versions of 1.4) was removed from the 1.4 release due to issues with the implementation. Note that the 2.0 release will deliver significant performance improvements for running with many zones.