New releases of BIND are available for download from the Internet
Systems Consortium web site (

BIND 9.11.16 and 9.14.11 are maintenance release versions of
the existing 9.11 (ESV) and 9.14 release branches and contain
the usual assortment of bug fixes and minor feature improvements.

The bigger news in today's set of releases is the release of BIND 9.16.0:
the code refactoring, new features, and performance work which were done
for the 9.15 experimental branch are now considered complete and stable
enough to be moved to a production branch of BIND, capping major changes
to that work and moving it to the new stable branch.

Significant work included in the 9.16 branch includes:

-  New Key and Signing Policy (KASP) features provide simplified
   DNSSEC key and signing management using policies defined by the
   "dnssec-policy" statement.

-  BIND's networking system has been substantially reworked.

-  The way that trust anchors are managed has been improved.

-  DLV (Domain Look-aside Verification) has been deprecated
   since BIND 9.12. And [the main service used by
   those previously relying on DLV] has been turned off since
   2017.  Support for DLV has now been removed completely,
   shortening BIND's validator by hundreds of lines of code
   and greatly reducing its complexity.

You can read more about these new editions of BIND in their release notes:

bind-announce mailing list

Reply via email to