jdnssec-tools/ChangeLog
David Blacka 66f9e9b76c add KeyInfoTool
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@88 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2006-09-10 17:05:18 +00:00

141 lines
4.2 KiB
Plaintext

2006-09-10 David Blacka <davidb@fury.blacka.com>
* Added the "KeyInfoTool" command line tool as the start of a tool
for decoding DNSKEY information. Right now, mostly just useful
for checking the public exponenent of RSA keys.
* Added the "-e" option to jdnssec-keygen, to instruct the key
generator to use the (common) large exponent in RSA key
generation.
2006-08-31 David Blacka <davidb@fury.blacka.com>
* Modified jdnssec-signzone to set the ttls of NSEC3 records (so
far) to the SOA minimum value.
* Add NSEC3PARAM support for compatibility with the -07 NSEC3
draft.
2006-05-24 David Blacka <davidb@verisignlabs.com>
* Add some error checking for the NSEC3 command line parameters
for jdnssec-signzone.
* Update local dnsjava build to 2.0.1. This also contains a
change to the NSEC3 rdata format (as per the -06pre NSEC3 draft).
The change is the addition of a "next hashed owner name" length
octet.
* Modified the jdnssec-* shell wrappers to also use the local
build area version of the jdnssec-tools.jar file. This allows the
standard jdnssec-* wrappers to work right from the build area.
* Add support of the SHA256 algorithm for DS records. This uses
the SHA256 class that I obtained from Scott Rose (thanks Scott!).
* Change the name of the package and jar file to jdnssec-tools
(from java-dnssec-tools) for consistency.
* release version 0.7.0.
2006-05-23 David Blacka <davidb@verisignlabs.com>
* Add support for algorithm aliases. This feature is so that the
user can declare the DNSKEY algorithm x is the same as algorithm 5
(e.g.). So far, this only works with straight integer algorithm
identifiers (no private alg support yet).
* Fix jdnssec-signzone so that you can specify multiple KSKs on
the command line. Apparently, commons-cli actually does handle
repeating command line options correctly.
2006-05-03 David Blacka <davidb@verisignlabs.com>
* Add preliminary implementation of jdnssec-dstool. This is a
simple command line tool that takes a DNSKEY record and converts
it into a DS record (or a DLV record). Right now, it requires
that the key is stored in a file ending with '.key'.
* release version 0.6.0.
2006-03-15 David Blacka <davidb@verisignlabs.com>
* Type map changes for NSEC3, corresponding to changes in draft
-05pre. Essentially: NSEC3 and RRSIG bits are not set for most
(all) NSEC3 records any longer.
2006-03-06 David Blacka <davidb@verisignlabs.com>
* release version 0.5.0.
2006-02-16 David Blacka <davidb@verisignlabs.com>
* Make RecordComparator also compare RDATA so the removeDuplicates
step actually works reliabled. This was masked by the dupicate
suppression in org.xbill.DNS.RRset.
* Only allow one command line specified KSK since commons-cli
doesn't seem to handle multi-arg options correctly.
* Do not croak on the lack of the command-line keys for now.
* New version of local dnsjava build containing NSEC3 changes
corresponding to the -04pre draft.
2005-11-16 David Blacka <davidb@verisignlabs.com>
* Make jdnssec-verifyzone work with just the zone (which is
self-signed anyway).
* release version 0.4.2.
2005-11-09 David Blacka <davidb@verisignlabs.com>
* Add original ownername comments to the NSEC3 generation.
2005-11-08 David Blacka <davidb@verisignlabs.com>
* New zone formatter.
* Misc bug fixes.
* release version 0.4.1.
2005-11-07 David Blacka <davidb@verisignlabs.com>
* Update the local dnsjava build with a bugfix.
* Fix ordering problem with ProtoNSEC3s.
2005-11-06 David Blacka <davidb@verisignlabs.com>
* Actually use the --iterations command line option of
jdnssec-signzone.
2005-10-27 David Blacka <davidb@verisignlabs.com>
* Add NSEC3 support for jdnssec-signzone.
* Remove support for plain Opt-In (until private algorithms work).
* release version 0.4.0.
2005-08-14 David Blacka <davidb@verisignlabs.com>
* Move the signZone function into the SignZone class (from the
SignUtils) class.
* General cleanup.
* Add local _jdnssec-* shell wrappers. These use build/classes in
the classpath so can be used to run the tools right out of the
build area.
2005-08-13 David Blacka <davidb@verisignlabs.com>
* Update to DNSjava 2.0.0
* Refactor command line parsing.
* Switch to using java.util.logging for logging.