[net-dns-users] Release candidate for Net::DNS::SEC 0.22

Willem Toorop willem at nlnetlabs.nl
Wed Feb 4 14:27:27 UTC 2015


Hi Dmitry,

That's right.
Cheers,

-- Willem

Op 04-02-15 om 14:54 schreef Dmitry Belyavsky:
> Hello Willem,
> 
> Do you use Digest::GOST::Cryptopro for GOST DS verification?
> 
> Thank you!
> 
> 
> 
> On Wed, Feb 4, 2015 at 4:40 PM, Willem Toorop <willem at nlnetlabs.nl
> <mailto:willem at nlnetlabs.nl>> wrote:
> 
> Dear users of Net::DNS::SEC,
> 
> We have a candidate for the upcoming 0.22 release of Net::DNS::SEC.
> This release introduces the following new features and improvements:
> 
> * RRSIG::siginception and RRSIG::siginception in time values
> 
>         RRSIG::siginception and RRSIG::siginception now returns,
>         besides the format date in string context like before, the date
>         as seconds since epoch in numeric context.
> 
> * ECDSA and GOST signature creation and verification
> 
>         The optional Crypt::OpenSSL::EC, Crypt::OpenSSL::ECDSA and
>         Digest::GOST need to be available to enable this feature.
> 
> * Version requirements detection for optional modules
> 
>         Besides the optional modules just mentioned,
>         Crypt::OpenSSL::Random is an optional module which enables
>         private key generation and Digest::BubbleBabble enables
>         Net::DNS::RR::DS::babble
> 
> Besides these features, architectural modifications have been made to
> loosen the Net::DNS::RR::* classes from the Net::DNS::SEC package, so
> that they can be added to the regular Net::DNS in the future, although
> without cryptographic operations.
> 
> To this end, all cryptographic operations are now concentrated in
> their own modules Net::DNS::SEC::RSA, Net::DNS::SEC::DSA,
> Net::DNS::SEC::ECDSA and Net::DNS::SEC::ECCGOST.
> 
> An affected module of this rework is Net::DNS::SEC::Private.   This
> module previously performed cryptographic operations with the
> generate_rsa, new_rsa_priv and dump_rsa_* methods.
> 
> The generate_rsa and new_rsa_priv methods are still available as
> before, but the dump_rsa_* methods are now available only if the
> generate_rsa or new_rsa_priv function were used to create the
> Net::DNS::SEC::Private object.  This is different from previous
> behaviour.
> 
> Note that the Private.pm module had and has the following text at the
> top of its documentation: "The class is written to be used only in the
> context of the Net::DNS::RR::RRSIG create method. This class is not
> designed to interact with any other system."
> 
> If you  depend upon this module nonetheless, please let us know,
> preferably with a use case.
> 
> Please review this version carefully and regression-test it with your
> software. If no issues arise, the actual release will follow Wedensday
> the 11th of February 2015.
> 
> link    https://www.net-dns.org/download/Net-DNS-SEC-0.21_10.tar.gz
> sha1 <https://www.net-dns.org/download/Net-DNS-SEC-0.21_10.tar.gz
> sha1>    8f6951a0e4e6fa4d2dc7fbc4147a36945ed5631d
> 
> Changes
> =======
>    Fix: rt.cpan.org <http://rt.cpan.org> #101184
>    make siginception and sigexpiration available as time() values
> 
>    Fix: rt.cpan.org <http://rt.cpan.org> #101183
>    wrong URL for blog in README
> 
>    Fix: rt.cpan.org <http://rt.cpan.org> #83031
>    [RRSIG] lack of ECDSA support
> 
>     _______________________________________________
>     net-dns-users mailing list
>     net-dns-users at nlnetlabs.nl <mailto:net-dns-users at nlnetlabs.nl>
>     https://www.nlnetlabs.nl/mailman/listinfo/net-dns-users
> 
> 
> 
> 
> -- 
> SY, Dmitry Belyavsky
> 
> 
> _______________________________________________
> net-dns-users mailing list
> net-dns-users at nlnetlabs.nl
> https://www.nlnetlabs.nl/mailman/listinfo/net-dns-users
> 




More information about the net-dns-users mailing list