L.S., There is finally another release candiate for OpenDNSSEC (2.1.8rc2), which fixes a big in the enforcer set-policy command and a niche, but important crash in the signer. The fixes in this release candidate should not pose any problems, but the first release candidate included a fix to keys not being purged from the HSM. This warrented a release candidate before going for a direct release, so I want to bring this again to the attention:
> To the key purge problem. Either when manually purging keys, or having > specified a <Purge> in your key policy (kasp.xml), the keys are suppost > to be removed from the HSM. However, for some time, the keys were marked > for deletion, and became invisible, but the removal from the HSM was > skipped. In this release candidate this is fixed, but still allowing > keys not to be removed entirely. When you specify an automatic purge > then the keys will, after the specified period, will be completely > removed. When you purge manually, keys are not removed from the HSM > unless you specify an additional flag (the --delete or -d flag). This new release candidate is available using the following link: https://dist.opendnssec.org/source/testing/opendnssec-2.1.8rc2.tar.gz With kind regards, Berry van Halderen _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
