Roadmap

Here is a provisional roadmap for the upcoming releases of YADIFA. Click on the links for a listing of the key features included in each release.

Release 3.0

Supported operating systems

  • MacOS X
  • Linux (Debian, CentOS, Arch, ...)
  • *BSD (FreeBSD)
  • Solaris

Functionality

  • authoritative name server
  • DNS UPDATE
  • DNS NOTIFY
  • AXFR
  • IXFR
  • full featured client (yadifa), which can be used to control the server
  • key management, including a tool to generate dnssec keys
  • multi-master support
  • support for other network models
  • detect and configure hyperthreading
  • support for openssl 1.1.0 API
  • new database
  • Mechanisms implemented for DNSSEC

    • re-signing zone file
    • fully automated signing of zones and key-roll over

    Directives and special constructs

    • TTL
    • ORIGIN
    • *(wildcard)
    • @ (in zone file)

    Resource Record types

    Type Value Supported References
    A 1 Y [RFC1035]
    NS 2 Y [RFC1035]
    MD 3 Y [RFC1035]
    MF 4 Y [RFC1035]
    CNAME 5 Y [RFC1035]
    SOA 6 Y [RFC1035]
    MB 7 Y [RFC1035]
    MG 8 Y [RFC1035]
    MR 9 Y [RFC1035]
    WKS 11 Y [RFC1035]
    PTR 12 Y [RFC1035]
    HINFO 13 Y [RFC1035]
    MX 15 Y [RFC1035]
    TXT 16 Y [RFC1035]
    AAAA 28 Y [RFC3596]
    SRV 33 Y [RFC2782]
    NAPTR 35 Y [RFC2915][RFC2168][RFC3403]
    DS 43 Y [RFC4034][RFC3658]
    SSHFP 44 Y [RFC4255]
    RRSIG 46 Y [RFC4034][RFC3755]
    NSEC 47 Y [RFC4034][RFC3755]
    DNSKEY 48 Y [RFC4034][RFC3755]
    NSEC3 50 Y [RFC5155]
    NSEC3PARAM 51 Y [RFC5155]
    TLSA 52 Y [RFC6698]

    Algorithms implemented

    • RSA
    • DSA
    • ECDSA

    Value Algorithm [Mnemonic] Zone Signing References Status
    3 DSA y [RFC3755][RFC2536] OPTIONAL
    5 RSASHA1 y [RFC3110][RFC4034] MANDATORY
    6 DSA-NSEC3-SHA1 y [RFC5155] OPTIONAL
    7 RSASHA1-NSEC3-SHA1 y [RFC5155] MANDATORY
    8 RSASHA256 y [RFC5702] -
    10 RSASHA512 y [RFC5702] -
    13 ECDSAP256SHA256 y [RFC6605] -
    14 ECDSAP384SHA384 y [RFC6605] -
Release 2.6

Supported operating systems

  • MacOS X
  • Linux (Debian, CentOS, Arch, ...)
  • *BSD (FreeBSD)
  • Solaris

Functionality

  • authoritative name server
  • DNS UPDATE
  • DNS NOTIFY
  • AXFR
  • IXFR
  • full featured client (yadifa), which can be used to control the server
  • key management, including a tool to generate dnssec keys
  • multi-master support
  • support for other network models
  • detect and configure hyperthreading
  • support for openssl 1.1.0 API
  • specify source address
  • allow signing with zone signing keys only
  • Mechanisms implemented for DNSSEC

    • re-signing zone file
    • fully automated signing of zones and key-roll over

    Directives and special constructs

    • TTL
    • ORIGIN
    • *(wildcard)
    • @ (in zone file)

    Resource Record types

    Type Value Supported References
    A 1 Y [RFC1035]
    NS 2 Y [RFC1035]
    MD 3 Y [RFC1035]
    MF 4 Y [RFC1035]
    CNAME 5 Y [RFC1035]
    SOA 6 Y [RFC1035]
    MB 7 Y [RFC1035]
    MG 8 Y [RFC1035]
    MR 9 Y [RFC1035]
    WKS 11 Y [RFC1035]
    PTR 12 Y [RFC1035]
    HINFO 13 Y [RFC1035]
    MX 15 Y [RFC1035]
    TXT 16 Y [RFC1035]
    AAAA 28 Y [RFC3596]
    SRV 33 Y [RFC2782]
    NAPTR 35 Y [RFC2915][RFC2168][RFC3403]
    DS 43 Y [RFC4034][RFC3658]
    SSHFP 44 Y [RFC4255]
    RRSIG 46 Y [RFC4034][RFC3755]
    NSEC 47 Y [RFC4034][RFC3755]
    DNSKEY 48 Y [RFC4034][RFC3755]
    NSEC3 50 Y [RFC5155]
    NSEC3PARAM 51 Y [RFC5155]
    TLSA 52 Y [RFC6698]

    Algorithms implemented

    • RSA
    • DSA
    • ECDSA

    Value Algorithm [Mnemonic] Zone Signing References Status
    3 DSA y [RFC3755][RFC2536] OPTIONAL
    5 RSASHA1 y [RFC3110][RFC4034] MANDATORY
    6 DSA-NSEC3-SHA1 y [RFC5155] OPTIONAL
    7 RSASHA1-NSEC3-SHA1 y [RFC5155] MANDATORY
    8 RSASHA256 y [RFC5702] -
    10 RSASHA512 y [RFC5702] -
    13 ECDSAP256SHA256 y [RFC6605] -
    14 ECDSAP384SHA384 y [RFC6605] -
Release 2.5

Supported operating systems

  • MacOS X
  • Linux (Debian, CentOS, Arch, ...)
  • *BSD (OpenBSD, FreeBSD)
  • Solaris

Functionality

  • authoritative name server
  • DNS UPDATE
  • DNS NOTIFY
  • AXFR
  • IXFR
  • full featured client (yadifa), which can be used to control the server
  • key management, including a tool to generate dnssec keys
  • multi-master support
  • support for other network models
  • detect and configure hyperthreading
  • support for openssl 1.1.0 API
  • re-implementation of configuration
  • Mechanisms implemented for DNSSEC

    • re-signing zone file
    • fully automated signing of zones and key-roll over

    Directives and special constructs

    • TTL
    • ORIGIN
    • *(wildcard)
    • @ (in zone file)

    Resource Record types

    Type Value Supported References
    A 1 Y [RFC1035]
    NS 2 Y [RFC1035]
    MD 3 Y [RFC1035]
    MF 4 Y [RFC1035]
    CNAME 5 Y [RFC1035]
    SOA 6 Y [RFC1035]
    MB 7 Y [RFC1035]
    MG 8 Y [RFC1035]
    MR 9 Y [RFC1035]
    WKS 11 Y [RFC1035]
    PTR 12 Y [RFC1035]
    HINFO 13 Y [RFC1035]
    MX 15 Y [RFC1035]
    TXT 16 Y [RFC1035]
    AAAA 28 Y [RFC3596]
    SRV 33 Y [RFC2782]
    NAPTR 35 Y [RFC2915][RFC2168][RFC3403]
    DS 43 Y [RFC4034][RFC3658]
    SSHFP 44 Y [RFC4255]
    RRSIG 46 Y [RFC4034][RFC3755]
    NSEC 47 Y [RFC4034][RFC3755]
    DNSKEY 48 Y [RFC4034][RFC3755]
    NSEC3 50 Y [RFC5155]
    NSEC3PARAM 51 Y [RFC5155]
    TLSA 52 Y [RFC6698]

    Algorithms implemented

    • RSA
    • DSA
    • ECDSA

    Value Algorithm [Mnemonic] Zone Signing References Status
    3 DSA y [RFC3755][RFC2536] OPTIONAL
    5 RSASHA1 y [RFC3110][RFC4034] MANDATORY
    6 DSA-NSEC3-SHA1 y [RFC5155] OPTIONAL
    7 RSASHA1-NSEC3-SHA1 y [RFC5155] MANDATORY
    8 RSASHA256 y [RFC5702] -
    10 RSASHA512 y [RFC5702] -
    13 ECDSAP256SHA256 y [RFC6605] -
    14 ECDSAP384SHA384 y [RFC6605] -
Release 2.4

Supported operating systems

  • MacOS X
  • Linux (Debian, CentOS, Arch, ...)
  • *BSD (OpenBSD, FreeBSD)
  • Solaris

Functionality

  • authoritative name server
  • DNS UPDATE
  • DNS NOTIFY
  • AXFR
  • IXFR
  • full featured client (yadifa), which can be used to control the server
  • key management, including a tool to generate dnssec keys
  • multi-master support
  • support for other network models
  • detect and configure hyperthreading
  • support for openssl 1.1.0 API
  • Mechanisms implemented for DNSSEC

    • re-signing zone file
    • fully automated signing of zones and key-roll over

    Directives and special constructs

    • TTL
    • ORIGIN
    • *(wildcard)
    • @ (in zone file)

    Resource Record types

    Type Value Supported References
    A 1 Y [RFC1035]
    NS 2 Y [RFC1035]
    MD 3 Y [RFC1035]
    MF 4 Y [RFC1035]
    CNAME 5 Y [RFC1035]
    SOA 6 Y [RFC1035]
    MB 7 Y [RFC1035]
    MG 8 Y [RFC1035]
    MR 9 Y [RFC1035]
    WKS 11 Y [RFC1035]
    PTR 12 Y [RFC1035]
    HINFO 13 Y [RFC1035]
    MX 15 Y [RFC1035]
    TXT 16 Y [RFC1035]
    AAAA 28 Y [RFC3596]
    SRV 33 Y [RFC2782]
    NAPTR 35 Y [RFC2915][RFC2168][RFC3403]
    DS 43 Y [RFC4034][RFC3658]
    SSHFP 44 Y [RFC4255]
    RRSIG 46 Y [RFC4034][RFC3755]
    NSEC 47 Y [RFC4034][RFC3755]
    DNSKEY 48 Y [RFC4034][RFC3755]
    NSEC3 50 Y [RFC5155]
    NSEC3PARAM 51 Y [RFC5155]
    TLSA 52 Y [RFC6698]

    Algorithms implemented

    • RSA
    • DSA
    • ECDSA

    Value Algorithm [Mnemonic] Zone Signing References Status
    3 DSA y [RFC3755][RFC2536] OPTIONAL
    5 RSASHA1 y [RFC3110][RFC4034] MANDATORY
    6 DSA-NSEC3-SHA1 y [RFC5155] OPTIONAL
    7 RSASHA1-NSEC3-SHA1 y [RFC5155] MANDATORY
    8 RSASHA256 y [RFC5702] -
    10 RSASHA512 y [RFC5702] -
    13 ECDSAP256SHA256 y [RFC6605] -
    14 ECDSAP384SHA384 y [RFC6605] -
Release 2.3

Supported operating systems

  • MacOS X
  • Linux (Debian, CentOS, Arch, ...)
  • *BSD (OpenBSD, FreeBSD)
  • Solaris

Functionality

Release 2.2 (2016-07)

Supported operating systems

  • MacOS X
  • Linux (Debian, CentOS, Arch, ...)
  • *BSD (OpenBSD, FreeBSD)
  • Solaris

Functionality

Release 2.1 (2015-04)

Supported operating systems

  • MacOS X
  • Linux (Ubuntu, CentOS, ...)
  • *BSD (OpenBSD, FreeBSD)
  • Solaris

Functionality

  • authoritative name server
  • DNS UPDATE
  • DNS NOTIFY
  • AXFR
  • IXFR
  • full featured client (yadifa), which can be used to control the server

Mechanisms implemented for DNSSEC

  • re-signing zone file

Directives and special constructs

  • TTL
  • ORIGIN
  • *(wildcard)
  • @ (in zone file)

Resource Record types

Type Value Supported References
A 1 Y [RFC1035]
NS 2 Y [RFC1035]
MD 3 Y [RFC1035]
MF 4 Y [RFC1035]
CNAME 5 Y [RFC1035]
SOA 6 Y [RFC1035]
MB 7 Y [RFC1035]
MG 8 Y [RFC1035]
MR 9 Y [RFC1035]
WKS 11 Y [RFC1035]
PTR 12 Y [RFC1035]
HINFO 13 Y [RFC1035]
MX 15 Y [RFC1035]
TXT 16 Y [RFC1035]
AAAA 28 Y [RFC3596]
SRV 33 Y [RFC2782]
NAPTR 35 Y [RFC2915][RFC2168][RFC3403]
DS 43 Y [RFC4034][RFC3658]
SSHFP 44 Y [RFC4255]
RRSIG 46 Y [RFC4034][RFC3755]
NSEC 47 Y [RFC4034][RFC3755]
DNSKEY 48 Y [RFC4034][RFC3755]
NSEC3 50 Y [RFC5155]
NSEC3PARAM 51 Y [RFC5155]
TLSA 52 Y [RFC6698]

Algorithms implemented

  • RSA
  • DSA
Value Algorithm [Mnemonic] Zone Signing References Status
3 DSA y [RFC3755][RFC2536] OPTIONAL
5 RSASHA1 y [RFC3110][RFC4034] MANDATORY
6 DSA-NSEC3-SHA1 y [RFC5155] OPTIONAL
7 RSASHA1-NSEC3-SHA1 y [RFC5155] MANDATORY
8 RSASHA256 y [RFC5702] -
10 RSASHA512 y [RFC5702] -
Release 2.0 (2014-09)

Supported operating systems

  • MacOS X
  • Linux (Ubuntu, CentOS, ...)
  • FreeBSD

Functionality

  • authoritative name server
  • DNS UPDATE
  • DNS NOTIFY
  • AXFR
  • IXFR
  • full featured client (yadifa), which can be used to control the server

Mechanisms implemented for DNSSEC

  • re-signing zone file

Directives and special constructs

  • TTL
  • ORIGIN
  • *(wildcard)
  • @ (in zone file)

Resource Record types

Type Value Supported References
A 1 Y [RFC1035]
NS 2 Y [RFC1035]
MD 3 Y [RFC1035]
MF 4 Y [RFC1035]
CNAME 5 Y [RFC1035]
SOA 6 Y [RFC1035]
MB 7 Y [RFC1035]
MG 8 Y [RFC1035]
MR 9 Y [RFC1035]
WKS 11 Y [RFC1035]
PTR 12 Y [RFC1035]
HINFO 13 Y [RFC1035]
MX 15 Y [RFC1035]
TXT 16 Y [RFC1035]
AAAA 28 Y [RFC3596]
SRV 33 Y [RFC2782]
NAPTR 35 Y [RFC2915][RFC2168][RFC3403]
DS 43 Y [RFC4034][RFC3658]
SSHFP 44 Y [RFC4255]
RRSIG 46 Y [RFC4034][RFC3755]
NSEC 47 Y [RFC4034][RFC3755]
DNSKEY 48 Y [RFC4034][RFC3755]
NSEC3 50 Y [RFC5155]
NSEC3PARAM 51 Y [RFC5155]
TLSA 52 Y [RFC6698]

Algorithms implemented

  • RSA
  • DSA
Value Algorithm [Mnemonic] Zone Signing References Status
3 DSA y [RFC3755][RFC2536] OPTIONAL
5 RSASHA1 y [RFC3110][RFC4034] MANDATORY
6 DSA-NSEC3-SHA1 y [RFC5155] OPTIONAL
7 RSASHA1-NSEC3-SHA1 y [RFC5155] MANDATORY
8 RSASHA256 y [RFC5702] -
10 RSASHA512 y [RFC5702] -

Extra

  • more generic parser
  • internal rearrangements
  • preparation for new functionality (dynamic provisioning, ...)
Release 1.0 (2012-06)

Supported operating systems

  • MacOS X
  • Linux (Ubuntu, CentOS, ...)
  • FreeBSD

Functionality

  • authoritative name server
  • DNS UPDATE
  • DNS NOTIFY
  • AXFR
  • IXFR

Mechanisms implemented for DNSSEC

  • re-signing zone file

Directives and special constructs

  • TTL
  • ORIGIN
  • *(wildcard)

Resource Record types

Type Value Supported References
A 1 Y [RFC1035]
NS 2 Y [RFC1035]
MD 3 Y [RFC1035]
MF 4 Y [RFC1035]
CNAME 5 Y [RFC1035]
SOA 6 Y [RFC1035]
MB 7 Y [RFC1035]
MG 8 Y [RFC1035]
MR 9 Y [RFC1035]
WKS 11 Y [RFC1035]
PTR 12 Y [RFC1035]
HINFO 13 Y [RFC1035]
MX 15 Y [RFC1035]
TXT 16 Y [RFC1035]
AAAA 28 Y [RFC3596]
SRV 33 Y [RFC2782]
NAPTR 35 Y [RFC2915][RFC2168][RFC3403]
DS 43 Y [RFC4034][RFC3658]
SSHFP 44 Y [RFC4255]
RRSIG 46 Y [RFC4034][RFC3755]
NSEC 47 Y [RFC4034][RFC3755]
DNSKEY 48 Y [RFC4034][RFC3755]
NSEC3 50 Y [RFC5155]
NSEC3PARAM 51 Y [RFC5155]

Algorithms implemented

  • RSA
Value Algorithm [Mnemonic] Zone Signing References Status
5 RSASHA1 y [RFC3110][RFC4034] MANDATORY
7 RSASHA1-NSEC3-SHA1 y [RFC5155] MANDATORY


Download YADIFA