Fedora 11 Update: dnssec-conf-1.21-3.fc11

updates at fedoraproject.org updates at fedoraproject.org
Tue Feb 9 04:57:12 UTC 2010

Fedora Update Notification
2010-02-09 04:25:42

Name        : dnssec-conf
Product     : Fedora 11
Version     : 1.21
Release     : 3.fc11
URL         : http://www.xelerance.com/software/dnssec-conf/
Summary     : DNSSEC and DLV configuration and priming tool
Description :
DNSSEC configuration and priming tool. Keys are required until the root
is signed, as well as for local unpublished DNSSEC keys to be preloaded
into the recursive nameserver. These DNSSEC configuration files can be
directly included in the bind or unbound nameserver configuration files.
dnssec-conf includes a commandline configuration client for Bind and
Unbound, known DNSSEC keys, URL's to official publication pages of keys,
and harvested keys, as well a script to harvest DNSKEY's from DNS.
See also: system-config-dnssec

Update Information:

Package contained expired trust anchors for RIPE's reverse zones, causing
significant traffic from bind servers repeatedly trying to obtain non-existing
DNSKEY's See https://lists.isc.org/pipermail/bind-

* Fri Feb  5 2010 Paul Wouters <paul at xelerance.com> - 1.21-3
- Do not ship DNSSEC trust anchors for in-addr.arpa zones. Rely on the DLV
  and (from July 2010 onwards) the signed root
- Use trigger to recreate an updated named.dnssec.keys and restart nameservers
* Tue Sep  8 2009 Paul Wouters <paul at xelerance.com> - 1.21-2
-New key for .pr.
* Sun Jun 14 2009 Paul Wouters <paul at xelerance.com> - 1.21-1
- upgraded to 1.21

This update can be installed with the "yum" update program.  Use 
su -c 'yum update dnssec-conf' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list