2009-02-01 David Blacka * DnsKeyAlgorithms: add official aliases from RFC 5155. * JCEDnsSecSigner: refactor zone signing methods to remove duplicate code. * SignZone: move the signZone() methods to JCEDnsSecSigner * BINDKeyUtils: close the private key file after reading it. Patch by Wolfgang Nagele. 2006-12-15 David Blacka * Release version 0.8.4 * SignZone: updated internals (and dnsjava lib) to match wire format changes introduced by the nsec3-08 draft. 2006-10-10 David Blacka * Released version 0.8.3 * ZoneFormat: fix RRSIG ordering issue when dealing with multiple RRSIGs for a given RRset. * ZoneFormat: lowercase all names in the zone. * Fix packaging errors. 2006-09-12 David Blacka * Released version 0.8.0. 2006-09-10 David Blacka * Added the "KeyInfoTool" command line tool as the start of a tool for decoding DNSKEY information. Right now, mostly just useful for checking the public exponenent of RSA keys. * Added the "-e" option to jdnssec-keygen, to instruct the key generator to use the (common) large exponent in RSA key generation. 2006-08-31 David Blacka * Modified jdnssec-signzone to set the ttls of NSEC3 records (so far) to the SOA minimum value. * Add NSEC3PARAM support for compatibility with the -07 NSEC3 draft. 2006-05-24 David Blacka * Add some error checking for the NSEC3 command line parameters for jdnssec-signzone. * Update local dnsjava build to 2.0.1. This also contains a change to the NSEC3 rdata format (as per the -06pre NSEC3 draft). The change is the addition of a "next hashed owner name" length octet. * Modified the jdnssec-* shell wrappers to also use the local build area version of the jdnssec-tools.jar file. This allows the standard jdnssec-* wrappers to work right from the build area. * Add support of the SHA256 algorithm for DS records. This uses the SHA256 class that I obtained from Scott Rose (thanks Scott!). * Change the name of the package and jar file to jdnssec-tools (from java-dnssec-tools) for consistency. * release version 0.7.0. 2006-05-23 David Blacka * Add support for algorithm aliases. This feature is so that the user can declare the DNSKEY algorithm x is the same as algorithm 5 (e.g.). So far, this only works with straight integer algorithm identifiers (no private alg support yet). * Fix jdnssec-signzone so that you can specify multiple KSKs on the command line. Apparently, commons-cli actually does handle repeating command line options correctly. 2006-05-03 David Blacka * Add preliminary implementation of jdnssec-dstool. This is a simple command line tool that takes a DNSKEY record and converts it into a DS record (or a DLV record). Right now, it requires that the key is stored in a file ending with '.key'. * release version 0.6.0. 2006-03-15 David Blacka * Type map changes for NSEC3, corresponding to changes in draft -05pre. Essentially: NSEC3 and RRSIG bits are not set for most (all) NSEC3 records any longer. 2006-03-06 David Blacka * release version 0.5.0. 2006-02-16 David Blacka * Make RecordComparator also compare RDATA so the removeDuplicates step actually works reliabled. This was masked by the dupicate suppression in org.xbill.DNS.RRset. * Only allow one command line specified KSK since commons-cli doesn't seem to handle multi-arg options correctly. * Do not croak on the lack of the command-line keys for now. * New version of local dnsjava build containing NSEC3 changes corresponding to the -04pre draft. 2005-11-16 David Blacka * Make jdnssec-verifyzone work with just the zone (which is self-signed anyway). * release version 0.4.2. 2005-11-09 David Blacka * Add original ownername comments to the NSEC3 generation. 2005-11-08 David Blacka * New zone formatter. * Misc bug fixes. * release version 0.4.1. 2005-11-07 David Blacka * Update the local dnsjava build with a bugfix. * Fix ordering problem with ProtoNSEC3s. 2005-11-06 David Blacka * Actually use the --iterations command line option of jdnssec-signzone. 2005-10-27 David Blacka * Add NSEC3 support for jdnssec-signzone. * Remove support for plain Opt-In (until private algorithms work). * release version 0.4.0. 2005-08-14 David Blacka * Move the signZone function into the SignZone class (from the SignUtils) class. * General cleanup. * Add local _jdnssec-* shell wrappers. These use build/classes in the classpath so can be used to run the tools right out of the build area. 2005-08-13 David Blacka * Update to DNSjava 2.0.0 * Refactor command line parsing. * Switch to using java.util.logging for logging.