[Freeipa-devel] DNSSEC postponed to FreeIPA 4.1
Martin Kosek
mkosek at redhat.com
Fri Jun 27 12:51:10 UTC 2014
Given that FreeIPA 4.0 is about to be released in near days and there are still
security concerns and related developers about secure key exchange, I decided
to move the feature to FreeIPA 4.1 to give it more time to bake. See details in
https://fedorahosted.org/freeipa/ticket/3801#comment:25.
In FreeIPA 4.0 we would still like to do at least an experimental support with
providing manual procedure how to generate the DNSSEC signing keys and how to
distribute them between replicas. This is about to be automated in next version.
New experimental DNSSEC support RFE with detailed scope:
https://fedorahosted.org/freeipa/ticket/4408
Please tell me if there are any concerns or updates.
--
Martin Kosek <mkosek at redhat.com>
Supervisor, Software Engineering - Identity Management Team
Red Hat Inc.
More information about the Freeipa-devel
mailing list