- 28 Oct, 2009 1 commit
-
-
Mark Andrews authored
suppressed (dnssec-keygen -q). Automatically suppress the progress messages when stdin is not a tty. [RT #20474]
-
- 22 Oct, 2009 1 commit
-
-
Evan Hunt authored
RSASHA256 and RSASHA512. [RT #20023]
-
- 16 Oct, 2009 1 commit
-
-
Jeremy Reed authored
This was seen in 9.7.0a3. No CHANGES entry as is too minor.
-
- 05 Oct, 2009 1 commit
-
-
Francis Dupont authored
-
- 14 Sep, 2009 1 commit
-
-
Evan Hunt authored
- Keys without "publish" or "active" dates set will no longer be used for smart signing. However, those dates will be set to "now" by default when a key is created; to generate a key but not use it yet, use dnssec-keygen -G. - New "inactive" date (dnssec-keygen/settime -I) sets the time when a key is no longer used for signing but is still published. - The "unpublished" date (-U) is deprecated in favor of "deleted" (-D). [rt20247]
-
- 02 Sep, 2009 1 commit
-
-
Evan Hunt authored
- dnssec-keygen and dnssec-settime can now set key metadata fields 0 (to unset a value, use "none") - dnssec-revoke sets the revocation date in addition to the revoke bit - dnssec-settime can now print individual metadata fields instead of always printing all of them, and can print them in unix epoch time format for use by scripts [RT #19942]
-
- 28 Aug, 2009 1 commit
-
-
Evan Hunt authored
name for DNSSEC keys. [RT #19938]
-
- 19 Jul, 2009 1 commit
-
-
Evan Hunt authored
dnssec-* tools. Major changes: - all dnssec-* tools now take a -K option to specify a directory in which key files will be stored - DNSSEC can now store metadata indicating when they are scheduled to be published, acttivated, revoked or removed; these values can be set by dnssec-keygen or overwritten by the new dnssec-settime command - dnssec-signzone -S (for "smart") option reads key metadata and uses it to determine automatically which keys to publish to the zone, use for signing, revoke, or remove from the zone [RT #19816]
-
- 17 Jun, 2009 2 commits
-
-
Automatic Updater authored
-
Evan Hunt authored
dnssec-keygen. Without arguments, it will now generate a 1024-bit RSASHA1 zone-signing key, or with the -f KSK option, a 2048-bit RSASHA1 key-signing key. [RT #19300] 2611. [func] Add -l option to dnssec-dsfromkey to generate DLV records instead of DS records. [RT #19300]
-
- 14 Oct, 2008 1 commit
-
-
Jeremy Reed authored
(Also order these numerically.)
-
- 25 Sep, 2008 1 commit
-
-
Automatic Updater authored
-
- 24 Sep, 2008 1 commit
-
-
Mark Andrews authored
-
- 18 Jun, 2007 2 commits
-
-
Automatic Updater authored
-
Mark Andrews authored
when generating DNSKEYs. [RT #16954]
-
- 09 May, 2007 1 commit
-
-
Mark Andrews authored
-
- 29 Jan, 2007 2 commits
-
-
Mark Andrews authored
-
Rob Austein authored
-
- 30 Aug, 2005 1 commit
-
-
Mark Andrews authored
-
- 19 Jul, 2005 1 commit
-
-
Mark Andrews authored
-
- 13 May, 2005 1 commit
-
-
Mark Andrews authored
-
- 11 May, 2005 1 commit
-
-
Rob Austein authored
-
- 07 Apr, 2005 1 commit
-
-
Mark Andrews authored
have consistant copyright dates.
-
- 11 Jun, 2004 1 commit
-
-
Mark Andrews authored
DNSKEY, NXT vs NSEC and SIG vs RRSIG. 1658. [func] Update dnssec-keygen to default to KEY for HMAC-MD5 and DH. Tighten which options apply to KEY and DNSKEY records.
-
- 03 Jun, 2004 1 commit
-
-
Mark Andrews authored
-
- 05 Mar, 2004 1 commit
-
-
Mark Andrews authored
-
- 18 Jan, 2003 1 commit
-
-
Mark Andrews authored
from SOA MINIMUM. 1414. [func] Support for KSK flag.
-
- 20 Feb, 2002 1 commit
-
-
Mark Andrews authored
-
- 21 Jan, 2002 1 commit
-
-
Brian Wellington authored
protocol 3 (DNSSEC), since it's less confusing that way.
-
- 10 Apr, 2001 1 commit
-
-
Brian Wellington authored
(note - this doesn't touch lib/bind at all. Mark, whenever you're done with lib/bind, make sure to do the copyright magic)
-
- 31 Mar, 2001 1 commit
-
-
Brian Wellington authored
-
- 30 Mar, 2001 1 commit
-
-
Brian Wellington authored
-