From 91718fe4fb49559271f3319c70539b80a146b5fb Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Tue, 2 Feb 2021 15:47:52 -0800 Subject: [PATCH] CHANGES, release notes --- CHANGES | 10 ++++++---- doc/notes/notes-current.rst | 12 ++++++------ 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/CHANGES b/CHANGES index cd946939a1..1f8591e7ae 100644 --- a/CHANGES +++ b/CHANGES @@ -1,7 +1,9 @@ -5576. [func] Initial support for DNS-over-HTTP(S). BIND now - includes DNS-over-HTTP(S) layer built on top of nghttp2. - Both encrypted and unencrypted HTTP/2 connections - are supported. [GL !4566] +5576. [experimental] Initial server-side implementation of DNS-over-HTTPS + (DoH). Support for both TLS-encrypted and unencrypted + HTTP/2 connections has been added to the network manager + and integrated into named. (Note: there is currently no + client-side support for DNS-over-HTTPS; this will be + added to dig in a future release.) [GL #1144] 5575. [bug] When migrating to dnssec-policy, BIND considered keys with the "Inactive" and/or "Delete" timing metadata as diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index ae6b01a7e2..ba95f08b24 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -52,12 +52,12 @@ New Features an optional ``tls`` option which specifies either a previously configured ``tls`` statement or ``ephemeral``. [GL #2392] -- ``named`` now has initial support for DNS-over-HTTP(S). Both - encrypted (via TLS) and unencrypted HTTP/2 connections are supported. - The latter are mostly there for debugging/troubleshooting - purposes and for the means of encryption offloading to third-party - software (as might be desirable in some environments to aid in TLS - certificates management). [GL !4566] +- ``named`` now supports DNS-over-HTTPS (DoH). Both TLS-encrypted and + unencrypted HTTP/2 connections are supported (the latter may be used to + offload encryption to other software). + + Note that there is no client-side support for HTTPS as yet; this will be + added to ``dig`` in a future release. [GL #1144] Removed Features ~~~~~~~~~~~~~~~~