[net-dns-users] Release candidate for Net::DNS::SEC 0.22
Willem Toorop
willem at nlnetlabs.nl
Wed Feb 4 13:40:17 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear users of Net::DNS::SEC,
We have a candidate for the upcoming 0.22 release of Net::DNS::SEC.
This release introduces the following new features and improvements:
* RRSIG::siginception and RRSIG::siginception in time values
RRSIG::siginception and RRSIG::siginception now returns,
besides the format date in string context like before, the date
as seconds since epoch in numeric context.
* ECDSA and GOST signature creation and verification
The optional Crypt::OpenSSL::EC, Crypt::OpenSSL::ECDSA and
Digest::GOST need to be available to enable this feature.
* Version requirements detection for optional modules
Besides the optional modules just mentioned,
Crypt::OpenSSL::Random is an optional module which enables
private key generation and Digest::BubbleBabble enables
Net::DNS::RR::DS::babble
Besides these features, architectural modifications have been made to
loosen the Net::DNS::RR::* classes from the Net::DNS::SEC package, so
that they can be added to the regular Net::DNS in the future, although
without cryptographic operations.
To this end, all cryptographic operations are now concentrated in
their own modules Net::DNS::SEC::RSA, Net::DNS::SEC::DSA,
Net::DNS::SEC::ECDSA and Net::DNS::SEC::ECCGOST.
An affected module of this rework is Net::DNS::SEC::Private. This
module previously performed cryptographic operations with the
generate_rsa, new_rsa_priv and dump_rsa_* methods.
The generate_rsa and new_rsa_priv methods are still available as
before, but the dump_rsa_* methods are now available only if the
generate_rsa or new_rsa_priv function were used to create the
Net::DNS::SEC::Private object. This is different from previous behaviour.
Note that the Private.pm module had and has the following text at the
top of its documentation: "The class is written to be used only in the
context of the Net::DNS::RR::RRSIG create method. This class is not
designed to interact with any other system."
If you depend upon this module nonetheless, please let us know,
preferably with a use case.
Please review this version carefully and regression-test it with your
software. If no issues arise, the actual release will follow Wedensday
the 11th of February 2015.
link https://www.net-dns.org/download/Net-DNS-SEC-0.21_10.tar.gz
sha1 8f6951a0e4e6fa4d2dc7fbc4147a36945ed5631d
Changes
=======
Fix: rt.cpan.org #101184
make siginception and sigexpiration available as time() values
Fix: rt.cpan.org #101183
wrong URL for blog in README
Fix: rt.cpan.org #83031
[RRSIG] lack of ECDSA support
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJU0iFAAAoJEOX4+CEvd6SYjroP/j704GRfZcnrvvpBxKzb/tX5
9syKawcM0ualyQ8nhojPj7+qybXvMMF7Zh4h0oiGe2riVi7gLZBoZvFqAXO9kPzD
zJZSn2bDgZz4FVyWzFcooZ49y9MxhHo8AZEFgejqZLPmIH0zQCvrrlb+OYYBav8C
1iTlOegWvm5tYMmh4qveMT5CpEvPtmEFs5HeVyQ0mL7KBJbpKrnHgP3BAzzIHl4H
me1EqBl7smGPis0l9N2UA2TBDFABzezA5XtOafzLGkmdnU+FWfIiiJEHpGKYEEPz
35ONVEwiikEc/sHOHczVHmK7mNtP91NFMs9c2ZTkDLb4jds+DPRM0Lv8/GyVxKGW
4QTMkyyf8sw8iPW78uvW6K5IPlT0V8ZbbryiUVLWbyEQZtqX4PzFYz8JK2yw6dKj
X1Ui4OxPMixqPkj5rlyK9LqJvSvvhwqS+34Vc9x07H76hAdbiq02905xV/kdDmCa
FqIyz+/dSeCsAGcwsh2gm/ayRih3HruIl3C2BtkqJsZBPPk+M9vc47OmNtVF+vjG
NDTwEDgz4KxBKoRWd5qJfbGXI0OQ2rFiOdWfUmcDXkBApLraBuD3+rL8cL6dSuhZ
pBiwqOze+6GIv5jIvcaryUzQKU32gIuQfj/Y5/37U+C9S5fXlZ3MgvchXfZQj5jO
nwSRdEeYrfa+JEFdjgRo
=6Wpt
-----END PGP SIGNATURE-----
More information about the net-dns-users
mailing list