Here is a provisional roadmap for the upcoming releases of YADIFA. Click on the links for a listing of the key features included in each release.
Release 2.5
Supported operating systems
- MacOS X
- Linux (Debian, CentOS, Arch, ...)
- *BSD (OpenBSD, FreeBSD)
- Solaris
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
- key management, including a tool to generate dnssec keys
- multi-master support
- support for other network models
- detect and configure hyperthreading
- support for openssl 1.1.0 API
- re-implementation of configuration
- re-signing zone file
- fully automated signing of zones and key-roll over
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
- RSA
- DSA
- ECDSA
Mechanisms implemented for DNSSEC
Directives and special constructs
Resource Record types
| Type | Value | Supported | References |
|---|---|---|---|
| A | 1 | Y | [RFC1035] |
| NS | 2 | Y | [RFC1035] |
| MD | 3 | Y | [RFC1035] |
| MF | 4 | Y | [RFC1035] |
| CNAME | 5 | Y | [RFC1035] |
| SOA | 6 | Y | [RFC1035] |
| MB | 7 | Y | [RFC1035] |
| MG | 8 | Y | [RFC1035] |
| MR | 9 | Y | [RFC1035] |
| WKS | 11 | Y | [RFC1035] |
| PTR | 12 | Y | [RFC1035] |
| HINFO | 13 | Y | [RFC1035] |
| MX | 15 | Y | [RFC1035] |
| TXT | 16 | Y | [RFC1035] |
| AAAA | 28 | Y | [RFC3596] |
| SRV | 33 | Y | [RFC2782] |
| NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
| DS | 43 | Y | [RFC4034][RFC3658] |
| SSHFP | 44 | Y | [RFC4255] |
| RRSIG | 46 | Y | [RFC4034][RFC3755] |
| NSEC | 47 | Y | [RFC4034][RFC3755] |
| DNSKEY | 48 | Y | [RFC4034][RFC3755] |
| NSEC3 | 50 | Y | [RFC5155] |
| NSEC3PARAM | 51 | Y | [RFC5155] |
| TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
| Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
|---|---|---|---|---|
| 3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
| 5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
| 6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
| 7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
| 8 | RSASHA256 | y | [RFC5702] | - |
| 10 | RSASHA512 | y | [RFC5702] | - |
| 13 | ECDSAP256SHA256 | y | [RFC6605] | - |
| 14 | ECDSAP384SHA384 | y | [RFC6605] | - |
Release 2.4
Supported operating systems
- MacOS X
- Linux (Debian, CentOS, Arch, ...)
- *BSD (OpenBSD, FreeBSD)
- Solaris
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
- key management, including a tool to generate dnssec keys
- multi-master support
- support for other network models
- detect and configure hyperthreading
- support for openssl 1.1.0 API
- re-signing zone file
- fully automated signing of zones and key-roll over
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
- RSA
- DSA
- ECDSA
Mechanisms implemented for DNSSEC
Directives and special constructs
Resource Record types
| Type | Value | Supported | References |
|---|---|---|---|
| A | 1 | Y | [RFC1035] |
| NS | 2 | Y | [RFC1035] |
| MD | 3 | Y | [RFC1035] |
| MF | 4 | Y | [RFC1035] |
| CNAME | 5 | Y | [RFC1035] |
| SOA | 6 | Y | [RFC1035] |
| MB | 7 | Y | [RFC1035] |
| MG | 8 | Y | [RFC1035] |
| MR | 9 | Y | [RFC1035] |
| WKS | 11 | Y | [RFC1035] |
| PTR | 12 | Y | [RFC1035] |
| HINFO | 13 | Y | [RFC1035] |
| MX | 15 | Y | [RFC1035] |
| TXT | 16 | Y | [RFC1035] |
| AAAA | 28 | Y | [RFC3596] |
| SRV | 33 | Y | [RFC2782] |
| NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
| DS | 43 | Y | [RFC4034][RFC3658] |
| SSHFP | 44 | Y | [RFC4255] |
| RRSIG | 46 | Y | [RFC4034][RFC3755] |
| NSEC | 47 | Y | [RFC4034][RFC3755] |
| DNSKEY | 48 | Y | [RFC4034][RFC3755] |
| NSEC3 | 50 | Y | [RFC5155] |
| NSEC3PARAM | 51 | Y | [RFC5155] |
| TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
| Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
|---|---|---|---|---|
| 3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
| 5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
| 6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
| 7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
| 8 | RSASHA256 | y | [RFC5702] | - |
| 10 | RSASHA512 | y | [RFC5702] | - |
| 13 | ECDSAP256SHA256 | y | [RFC6605] | - |
| 14 | ECDSAP384SHA384 | y | [RFC6605] | - |
Release 2.3
Supported operating systems
- MacOS X
- Linux (Debian, CentOS, Arch, ...)
- *BSD (OpenBSD, FreeBSD)
- Solaris
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
- key management, including a tool to generate dnssec keys
- multi-master support
- support for other network models
- detect and configure hyperthreading
- re-signing zone file
- fully automated signing of zones and key-roll over
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
- RSA
- DSA
- ECDSA
Mechanisms implemented for DNSSEC
Directives and special constructs
Resource Record types
| Type | Value | Supported | References |
|---|---|---|---|
| A | 1 | Y | [RFC1035] |
| NS | 2 | Y | [RFC1035] |
| MD | 3 | Y | [RFC1035] |
| MF | 4 | Y | [RFC1035] |
| CNAME | 5 | Y | [RFC1035] |
| SOA | 6 | Y | [RFC1035] |
| MB | 7 | Y | [RFC1035] |
| MG | 8 | Y | [RFC1035] |
| MR | 9 | Y | [RFC1035] |
| WKS | 11 | Y | [RFC1035] |
| PTR | 12 | Y | [RFC1035] |
| HINFO | 13 | Y | [RFC1035] |
| MX | 15 | Y | [RFC1035] |
| TXT | 16 | Y | [RFC1035] |
| AAAA | 28 | Y | [RFC3596] |
| SRV | 33 | Y | [RFC2782] |
| NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
| DS | 43 | Y | [RFC4034][RFC3658] |
| SSHFP | 44 | Y | [RFC4255] |
| RRSIG | 46 | Y | [RFC4034][RFC3755] |
| NSEC | 47 | Y | [RFC4034][RFC3755] |
| DNSKEY | 48 | Y | [RFC4034][RFC3755] |
| NSEC3 | 50 | Y | [RFC5155] |
| NSEC3PARAM | 51 | Y | [RFC5155] |
| TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
| Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
|---|---|---|---|---|
| 3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
| 5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
| 6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
| 7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
| 8 | RSASHA256 | y | [RFC5702] | - |
| 10 | RSASHA512 | y | [RFC5702] | - |
| 13 | ECDSAP256SHA256 | y | [RFC6605] | - |
| 14 | ECDSAP384SHA384 | y | [RFC6605] | - |
Release 2.2 (2016-07)
Supported operating systems
- MacOS X
- Linux (Debian, CentOS, Arch, ...)
- *BSD (OpenBSD, FreeBSD)
- Solaris
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
- key management, including a tool to generate dnssec keys
- multi-master support
- support for other network models
- re-signing zone file
- fully automated signing of zones and key-roll over
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
- RSA
- DSA
- ECDSA
Mechanisms implemented for DNSSEC
Directives and special constructs
Resource Record types
| Type | Value | Supported | References |
|---|---|---|---|
| A | 1 | Y | [RFC1035] |
| NS | 2 | Y | [RFC1035] |
| MD | 3 | Y | [RFC1035] |
| MF | 4 | Y | [RFC1035] |
| CNAME | 5 | Y | [RFC1035] |
| SOA | 6 | Y | [RFC1035] |
| MB | 7 | Y | [RFC1035] |
| MG | 8 | Y | [RFC1035] |
| MR | 9 | Y | [RFC1035] |
| WKS | 11 | Y | [RFC1035] |
| PTR | 12 | Y | [RFC1035] |
| HINFO | 13 | Y | [RFC1035] |
| MX | 15 | Y | [RFC1035] |
| TXT | 16 | Y | [RFC1035] |
| AAAA | 28 | Y | [RFC3596] |
| SRV | 33 | Y | [RFC2782] |
| NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
| DS | 43 | Y | [RFC4034][RFC3658] |
| SSHFP | 44 | Y | [RFC4255] |
| RRSIG | 46 | Y | [RFC4034][RFC3755] |
| NSEC | 47 | Y | [RFC4034][RFC3755] |
| DNSKEY | 48 | Y | [RFC4034][RFC3755] |
| NSEC3 | 50 | Y | [RFC5155] |
| NSEC3PARAM | 51 | Y | [RFC5155] |
| TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
| Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
|---|---|---|---|---|
| 3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
| 5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
| 6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
| 7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
| 8 | RSASHA256 | y | [RFC5702] | - |
| 10 | RSASHA512 | y | [RFC5702] | - |
| 13 | ECDSAP256SHA256 | y | [RFC6605] | - |
| 14 | ECDSAP384SHA384 | y | [RFC6605] | - |
Release 2.1 (2015-04)
Supported operating systems
- MacOS X
- Linux (Ubuntu, CentOS, ...)
- *BSD (OpenBSD, FreeBSD)
- Solaris
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
Mechanisms implemented for DNSSEC
- re-signing zone file
Directives and special constructs
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
Resource Record types
| Type | Value | Supported | References |
|---|---|---|---|
| A | 1 | Y | [RFC1035] |
| NS | 2 | Y | [RFC1035] |
| MD | 3 | Y | [RFC1035] |
| MF | 4 | Y | [RFC1035] |
| CNAME | 5 | Y | [RFC1035] |
| SOA | 6 | Y | [RFC1035] |
| MB | 7 | Y | [RFC1035] |
| MG | 8 | Y | [RFC1035] |
| MR | 9 | Y | [RFC1035] |
| WKS | 11 | Y | [RFC1035] |
| PTR | 12 | Y | [RFC1035] |
| HINFO | 13 | Y | [RFC1035] |
| MX | 15 | Y | [RFC1035] |
| TXT | 16 | Y | [RFC1035] |
| AAAA | 28 | Y | [RFC3596] |
| SRV | 33 | Y | [RFC2782] |
| NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
| DS | 43 | Y | [RFC4034][RFC3658] |
| SSHFP | 44 | Y | [RFC4255] |
| RRSIG | 46 | Y | [RFC4034][RFC3755] |
| NSEC | 47 | Y | [RFC4034][RFC3755] |
| DNSKEY | 48 | Y | [RFC4034][RFC3755] |
| NSEC3 | 50 | Y | [RFC5155] |
| NSEC3PARAM | 51 | Y | [RFC5155] |
| TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
- RSA
- DSA
| Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
|---|---|---|---|---|
| 3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
| 5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
| 6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
| 7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
| 8 | RSASHA256 | y | [RFC5702] | - |
| 10 | RSASHA512 | y | [RFC5702] | - |
Release 2.0 (2014-09)
Supported operating systems
- MacOS X
- Linux (Ubuntu, CentOS, ...)
- FreeBSD
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
Mechanisms implemented for DNSSEC
- re-signing zone file
Directives and special constructs
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
Resource Record types
| Type | Value | Supported | References |
|---|---|---|---|
| A | 1 | Y | [RFC1035] |
| NS | 2 | Y | [RFC1035] |
| MD | 3 | Y | [RFC1035] |
| MF | 4 | Y | [RFC1035] |
| CNAME | 5 | Y | [RFC1035] |
| SOA | 6 | Y | [RFC1035] |
| MB | 7 | Y | [RFC1035] |
| MG | 8 | Y | [RFC1035] |
| MR | 9 | Y | [RFC1035] |
| WKS | 11 | Y | [RFC1035] |
| PTR | 12 | Y | [RFC1035] |
| HINFO | 13 | Y | [RFC1035] |
| MX | 15 | Y | [RFC1035] |
| TXT | 16 | Y | [RFC1035] |
| AAAA | 28 | Y | [RFC3596] |
| SRV | 33 | Y | [RFC2782] |
| NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
| DS | 43 | Y | [RFC4034][RFC3658] |
| SSHFP | 44 | Y | [RFC4255] |
| RRSIG | 46 | Y | [RFC4034][RFC3755] |
| NSEC | 47 | Y | [RFC4034][RFC3755] |
| DNSKEY | 48 | Y | [RFC4034][RFC3755] |
| NSEC3 | 50 | Y | [RFC5155] |
| NSEC3PARAM | 51 | Y | [RFC5155] |
| TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
- RSA
- DSA
| Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
|---|---|---|---|---|
| 3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
| 5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
| 6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
| 7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
| 8 | RSASHA256 | y | [RFC5702] | - |
| 10 | RSASHA512 | y | [RFC5702] | - |
Extra
- more generic parser
- internal rearrangements
- preparation for new functionality (dynamic provisioning, ...)
Release 1.0 (2012-06)
Supported operating systems
- MacOS X
- Linux (Ubuntu, CentOS, ...)
- FreeBSD
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
Mechanisms implemented for DNSSEC
- re-signing zone file
Directives and special constructs
- TTL
- ORIGIN
- *(wildcard)
Resource Record types
| Type | Value | Supported | References |
|---|---|---|---|
| A | 1 | Y | [RFC1035] |
| NS | 2 | Y | [RFC1035] |
| MD | 3 | Y | [RFC1035] |
| MF | 4 | Y | [RFC1035] |
| CNAME | 5 | Y | [RFC1035] |
| SOA | 6 | Y | [RFC1035] |
| MB | 7 | Y | [RFC1035] |
| MG | 8 | Y | [RFC1035] |
| MR | 9 | Y | [RFC1035] |
| WKS | 11 | Y | [RFC1035] |
| PTR | 12 | Y | [RFC1035] |
| HINFO | 13 | Y | [RFC1035] |
| MX | 15 | Y | [RFC1035] |
| TXT | 16 | Y | [RFC1035] |
| AAAA | 28 | Y | [RFC3596] |
| SRV | 33 | Y | [RFC2782] |
| NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
| DS | 43 | Y | [RFC4034][RFC3658] |
| SSHFP | 44 | Y | [RFC4255] |
| RRSIG | 46 | Y | [RFC4034][RFC3755] |
| NSEC | 47 | Y | [RFC4034][RFC3755] |
| DNSKEY | 48 | Y | [RFC4034][RFC3755] |
| NSEC3 | 50 | Y | [RFC5155] |
| NSEC3PARAM | 51 | Y | [RFC5155] |
Algorithms implemented
- RSA
| Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
|---|---|---|---|---|
| 5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
| 7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |