[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#681448: unblock: nsd3/3.2.11-1

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package nsd3

Since this version will be the next supported I would like to push
latest upstream, which:

- add support for TLSA RR type
- add support for ECDSA (Elliptic Curve algorithms) in DNSSEC

Both of these will hopefully used in upcoming years:

- EC algorithms have nice properties of being smaller and faster, so
people will rollover to them once the support in DNSSEC validators is
- TLSA allows certificate pinning (and even Debian would benefit from
that as you can add trust anchor on the fly for self-signed CAs and certs).
We hope to see support in browsers/MTAs/MUAs etc. start to growing as
the protocol is almost a standard (in RFC-Editor queue for those who
knows what that means :)).

The upstream release also includes few minor fixes in IXFR code
and new zone stats, which I haven't enabled since it's a new code.
(I could cherry-pick these two main mentioned features, but I feel
it's not worth it as NSD3 has no rev-deps and the codebase is stable.)

unblock nsd3/3.2.11-1

-- System Information:
Debian Release: 6.0.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (300, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Reply to: