Changes - metacpan.org

Revision history for Perl extension Net::DNS::SEC.


0.11 August 28 2003

   FEAT: - Implemented draft-ietf-dnsext-dnssec-2535typcode-change-04.txt
           This document has been through review and will be published
           as standard track RFCs shortly.
           IMPORTANT: the implementation of the typecode roll deprecated 
           the use of SIG->create for any other reason than SIG0. If
           you try to create SIGs over RRsets you will be warned.

   FEAT: - Modified the namespace for the module that holds the name
           of the private key from Net::DNS::RR::SIG::Private to 
           Net::DNS::SEC::Private.  
           !!!!!
           Net::DNS::RR::SIG::Private will be deprecated in a next release.
           !!!!!


   CLEAN:- Crypt::OpenSSL::RSA v 0.19 introduced the possibility to
           create keys directly from parameters, although this introduced
           a dependency on Crypt::OpenSSL::Bignum it allowed to get rid
           from converting all parameters to DER/ANS1 encoding. Got rid of 
           a number of lines of code.


0.10 January 8 2003

   BUG:  - Crypt::OpenSSL::RSA::new method has been depricated. Code has
	   been modified to deal with the new constructors

0.09 January 6 2003

   FEAT: - Added Net::DNS::RR::SIG::Private. The class provides 
           an abstraction to the private key material. The SIG create
	   method now either takes a filename, like previously, or a 
	   Private key object as an argument. If you have to create
	   many signatures the latter is preferred because you only have
	   to read the file with the private key material once.
	   
	   Note that by adding this feature a modification to
	   Net::DNS::Resolver was needed to properly do SIG0.  Use
	   Net::DNS version 0.32 or later in combination with this
	   version

   FEAT: - Wes Griffen added a parameter change to keyset:

  	   'Attached is a diff for Net::DNS::SEC v0.8 that adds a
	   parameter changes keyset->writekeyset($path) to
	   keyset->writekeyset($prefix,$path) where prefix is an
	   optional string that is prepended to the filename of the
	   keyset. That way I can keep my unsigned keyset in
	   keyset-<domain>. and have the signed keyset in
	   signed-keyset-<domain>.'


   FEAT: - Babblebubble, handy for telephone confirmation of hashes.
           Added babblebubble string as comment to DS RR.
           DS->babble returns the babble bubble string
  

   FEAT: - Miek Gieben contributed demo/key2ds


0.08 November 4 2002

   BUG:  - DSA signature verification failed at random about 1 per 10
           sigatures. Corrected allignment problem that lead to this.
	   Added 'stresstest' that loops over creation and verification
	   of signatures to spot these kind of seldomly occuring errors.
          
           On my VAIO PII 500Mhz the take about a minute:
 	   Files=3, Tests=3056, 69 wallclock secs 
                               (63.30 cusr +  0.70 csys = 63.99 CPU)


   FEAT: - Added Test::More as dependency as on some systems diag was failing.


0.07 October 2 2002

   FEAT: - Added demo/make-signed-keyset, a contribution by Wes Griffin.

   FEAT: - Removed dependency on Math::Pari by porting away from
	   Crypt::DSA to Crypt::OpenSSL::DSA (version 0.10). This should
	   increase portability over platform.

           T.J. Mather, the Crypt::OpenSSL::DSA maintainer has been
	   particularly helpfull and responsive by adding a few
	   methods to the DSA modules.

0.06 August 16 2002

   NOTE: In one of ther versions prior to Net::DNS 0.26 a bug
         got introduced that made Net::DNS::SEC break. The bug was fixed in
	 version 0.27.

   BUG:  - Check on the existence of the private file improved in SIG.pm

         - signame got trailing dot with the create methods and not with
	   others.

   FEAT: - Added privatekeyname method to KEY.pm
         - Started work on Net::DNS::Keyset.
         - Added RSA/SHA1 (algorithm ID 5) to SIG.pm. Patch supplied by
	   Andy Vaskys,  Network Associates Laboratories.
	 - Rewrote regexp's to not use $' (Postmatch).

0.05 and 0.04 June 17, 2002

    BUG:  Makefile.PL needed a fix for unused dependency. This failed
	  made the installation fail :-(. 0.04 introduced another failing
	  dependency.

    DOC:  Clarified the documentation at points. 



0.03 June 14, 2002
   
    DOC: Few Clarifications

0.02 June 4, 2002

    First CPAN Release.
    Some modifications to the packaging.


0.01 May 25, 2002  

    Version 0.01 of the package is an alpha for CPAN release.



---------------------------------------------------------------------------
The extensions used to be published as a modified version of
Net::DNS. The history of those is documented below.

0.20-DNSSEC-0.2:
  
  Branched off Net::DNS version 0.20 release (CPAN May 15, 2002)


0.20-DNSSEC-0.1:

  This version had limited distribution
  
  First patch against a version 0.20 snapshot (2002-03-27).
  http://www.dyndns.org/~ctriv/net-dns-snaps/2002/03/


  Modified t/09-dnssec.t; uses Test::More now and includes a number of
  self consistency checks.
 

  DOC   Cleaned up the documentation and removed some references to functions
	and libraries that where not used anyway.

  FIX   'aesthetic' patch supplied by Simon Josefsson reordering the NXT
        RR map for the  print  method.
 
  FEAT  Added checks on keytype and updated to latest specs for DS 
        Added SIG0 support. See Net::DNS::Packet for details. The verify and
	create methods of SIG.pm where modified somewhat to cope with the 
	difference.
        Changed RSA backend from Crypt::RSA to Crypt::OpenSSL::RSA because
	Crypt::RSA failed during a 'loss of Math::Pari precision in 
	Crypt::Primes'.
  

0.19-DNSSEC-0.5: 

  BUG   DS create method: Hash calculation was done over concattination of name
        and key material while the hash should be taken over concatenation of
        canonical name and key rdata. (Fix by Mike Schiraldi)


0.19-DNSSEC-0.4: 
  Added CERT support: Courtesy of Mike Schiraldi <raldi@research.netsol.com> 
        for VeriSign
 
  BUG Fixed MANIFEST file. make dist will result in proper module tar ball
 

0.19-DNSSEC-0.3: 
  Solved patch problems that where due to the 
  $Id: Changes,v 1.17 2003/08/28 11:32:06 olaf Exp $ in headers not 
  being from the original distribution.

  Added DSA signature creation

  Added DS support 
        You have to uncomment line 77 in Net/DNS.pm to fully enable DS
	This will assign QTYPE 93 to the DS RR.
	That value is not assigned by IANA. 


  Added this README.DNSSEC file

  Added t/09-dnssec.t to the test script with a number of consistency checks.
        after patching the original distribution direction
        perl Makefile.PL
        make test 
        will call this function among other things.

  BUG   KeyID set to 0 for null keys.

  BUG   Sorting of canonical RDATA; 
	Data over which SIG was created was not sorted properly (RFC2535 
        sect 8.3) causing signature verification errors for RDATA within 
	a RRset having different length (e.g. some NS RRsets would not 
	verify.)

0.19-DNSSEC-0.2: 
  First somewhat public release.


---------------------------------------------------------------------------
$Id: Changes,v 1.17 2003/08/28 11:32:06 olaf Exp $
	Global
`s`	Focus search bar
`?`	Bring up this help dialog
	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)
	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse
	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)