mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 14:35:26 +00:00
Code Issues Releases Wiki Activity

Tweak and reword release notes

Browse Source
This commit is contained in:
Michal Nowak
2024-05-02 12:30:39 +02:00
parent 8cdc0eafd9
commit 0f81fbcb1f
1 changed files with 21 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
doc/notes/notes-9.19.24.rst
View File

@@ -15,40 +15,43 @@ Notes for BIND 9.19.24
New Features New Features
~~~~~~~~~~~~ ~~~~~~~~~~~~
- A new option :any:`signatures-jitter` is added to :any:`dnssec-policy` to - A new option :any:`signatures-jitter` has been added to :any:`dnssec-policy`
spread out signature expiration times over a period of time. :gl:`#4554` to allow signature expirations to be spread out over a period of time.
:gl:`#4554`
- A new DNSSEC tool :iscman:`dnssec-ksr` is added to create Key Signing Request - A new DNSSEC tool :iscman:`dnssec-ksr` has been added to create Key Signing
(KSR) and Signed Key Response (SKR) files. :gl:`#1128` Request (KSR) and Signed Key Response (SKR) files. :gl:`#1128`
- Queries and responses now emit distinct dnstap entries for DoT and DoH. - Queries and responses now emit distinct dnstap entries for DNS-over-TLS (DoT)
:any:`dnstap-read` understands DoH and DoT entries. :gl:`#4523` and DNS-over-HTTPS (DoH), and :any:`dnstap-read` understands these entries.
:gl:`#4523`
Removed Features Removed Features
~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~
- The ``named`` command line option ``-U <n>``, which specified the number of UDP dispatches, - The :iscman:`named` command-line option :option:`-U <named -U>`, which
has been removed. Using it now prints a warning. :gl:`#1879` specified the number of UDP dispatches, has been removed. Using it now
returns a warning. :gl:`#1879`
Feature Changes Feature Changes
~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~
- Querying the statistics channel no longer blocks the DNS communication - Querying the statistics channel no longer blocks DNS communication on the
on the networking event loop. :gl:`#4680` networking event loop level. :gl:`#4680`
- DNSSEC signatures that are not valid because the current time falls outside - DNSSEC signatures that are not valid because the current time falls outside
the signature inception and expiration dates no longer count towards maximum the signature inception and expiration dates no longer count towards maximum
validation and maximum validation failures limits. :gl:`#4586` validation and maximum validation failure limits. :gl:`#4586`
- Multiple RNDC messages will be processed when sent in a single TCP - Multiple RNDC messages are now processed when sent in a single TCP message.
message.
ISC would like to thank Dominik Thalhammer for reporting the issue ISC would like to thank Dominik Thalhammer for reporting the issue and
and preparing the initial patch. :gl:`#4416` preparing the initial patch. :gl:`#4416`
- :iscman:`dnssec-keygen` now allows the options ``-k`` and ``-f`` to be - :iscman:`dnssec-keygen` now allows the options :option:`-k <dnssec-keygen
used together. This allows creating keys for a given :any:`dnssec-policy` -k>` and :option:`-f <dnssec-keygen -f>` to be used together. This allows the
that match only the KSK (``-fK``) or ZSK (``-fZ``) role. creation of keys for a given :any:`dnssec-policy` that match only the KSK
(``-fK``) or ZSK (``-fZ``) roles. :gl:`#1128`
Known Issues Known Issues
~~~~~~~~~~~~ ~~~~~~~~~~~~