Bug#681448: unblock: nsd3/3.2.11-1
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package nsd3
Since this version will be the next supported I would like to push
latest upstream, which:
- add support for TLSA RR type
- add support for ECDSA (Elliptic Curve algorithms) in DNSSEC
Both of these will hopefully used in upcoming years:
- EC algorithms have nice properties of being smaller and faster, so
people will rollover to them once the support in DNSSEC validators is
prevalent
- TLSA allows certificate pinning (and even Debian would benefit from
that as you can add trust anchor on the fly for self-signed CAs and certs).
We hope to see support in browsers/MTAs/MUAs etc. start to growing as
the protocol is almost a standard (in RFC-Editor queue for those who
knows what that means :)).
The upstream release also includes few minor fixes in IXFR code
and new zone stats, which I haven't enabled since it's a new code.
(I could cherry-pick these two main mentioned features, but I feel
it's not worth it as NSD3 has no rev-deps and the codebase is stable.)
unblock nsd3/3.2.11-1
-- System Information:
Debian Release: 6.0.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable'), (300, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Reply to: