Here is a provisional roadmap for the upcoming releases of YADIFA. Click on the links for a listing of the key features included in each release.
Release 2.5
Supported operating systems
- MacOS X
- Linux (Debian, CentOS, Arch, ...)
- *BSD (OpenBSD, FreeBSD)
- Solaris
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
- key management, including a tool to generate dnssec keys
- multi-master support
- support for other network models
- detect and configure hyperthreading
- support for openssl 1.1.0 API
- re-implementation of configuration
- re-signing zone file
- fully automated signing of zones and key-roll over
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
- RSA
- DSA
- ECDSA
Mechanisms implemented for DNSSEC
Directives and special constructs
Resource Record types
Type | Value | Supported | References |
---|---|---|---|
A | 1 | Y | [RFC1035] |
NS | 2 | Y | [RFC1035] |
MD | 3 | Y | [RFC1035] |
MF | 4 | Y | [RFC1035] |
CNAME | 5 | Y | [RFC1035] |
SOA | 6 | Y | [RFC1035] |
MB | 7 | Y | [RFC1035] |
MG | 8 | Y | [RFC1035] |
MR | 9 | Y | [RFC1035] |
WKS | 11 | Y | [RFC1035] |
PTR | 12 | Y | [RFC1035] |
HINFO | 13 | Y | [RFC1035] |
MX | 15 | Y | [RFC1035] |
TXT | 16 | Y | [RFC1035] |
AAAA | 28 | Y | [RFC3596] |
SRV | 33 | Y | [RFC2782] |
NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
DS | 43 | Y | [RFC4034][RFC3658] |
SSHFP | 44 | Y | [RFC4255] |
RRSIG | 46 | Y | [RFC4034][RFC3755] |
NSEC | 47 | Y | [RFC4034][RFC3755] |
DNSKEY | 48 | Y | [RFC4034][RFC3755] |
NSEC3 | 50 | Y | [RFC5155] |
NSEC3PARAM | 51 | Y | [RFC5155] |
TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
---|---|---|---|---|
3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
8 | RSASHA256 | y | [RFC5702] | - |
10 | RSASHA512 | y | [RFC5702] | - |
13 | ECDSAP256SHA256 | y | [RFC6605] | - |
14 | ECDSAP384SHA384 | y | [RFC6605] | - |
Release 2.4
Supported operating systems
- MacOS X
- Linux (Debian, CentOS, Arch, ...)
- *BSD (OpenBSD, FreeBSD)
- Solaris
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
- key management, including a tool to generate dnssec keys
- multi-master support
- support for other network models
- detect and configure hyperthreading
- support for openssl 1.1.0 API
- re-signing zone file
- fully automated signing of zones and key-roll over
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
- RSA
- DSA
- ECDSA
Mechanisms implemented for DNSSEC
Directives and special constructs
Resource Record types
Type | Value | Supported | References |
---|---|---|---|
A | 1 | Y | [RFC1035] |
NS | 2 | Y | [RFC1035] |
MD | 3 | Y | [RFC1035] |
MF | 4 | Y | [RFC1035] |
CNAME | 5 | Y | [RFC1035] |
SOA | 6 | Y | [RFC1035] |
MB | 7 | Y | [RFC1035] |
MG | 8 | Y | [RFC1035] |
MR | 9 | Y | [RFC1035] |
WKS | 11 | Y | [RFC1035] |
PTR | 12 | Y | [RFC1035] |
HINFO | 13 | Y | [RFC1035] |
MX | 15 | Y | [RFC1035] |
TXT | 16 | Y | [RFC1035] |
AAAA | 28 | Y | [RFC3596] |
SRV | 33 | Y | [RFC2782] |
NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
DS | 43 | Y | [RFC4034][RFC3658] |
SSHFP | 44 | Y | [RFC4255] |
RRSIG | 46 | Y | [RFC4034][RFC3755] |
NSEC | 47 | Y | [RFC4034][RFC3755] |
DNSKEY | 48 | Y | [RFC4034][RFC3755] |
NSEC3 | 50 | Y | [RFC5155] |
NSEC3PARAM | 51 | Y | [RFC5155] |
TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
---|---|---|---|---|
3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
8 | RSASHA256 | y | [RFC5702] | - |
10 | RSASHA512 | y | [RFC5702] | - |
13 | ECDSAP256SHA256 | y | [RFC6605] | - |
14 | ECDSAP384SHA384 | y | [RFC6605] | - |
Release 2.3
Supported operating systems
- MacOS X
- Linux (Debian, CentOS, Arch, ...)
- *BSD (OpenBSD, FreeBSD)
- Solaris
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
- key management, including a tool to generate dnssec keys
- multi-master support
- support for other network models
- detect and configure hyperthreading
- re-signing zone file
- fully automated signing of zones and key-roll over
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
- RSA
- DSA
- ECDSA
Mechanisms implemented for DNSSEC
Directives and special constructs
Resource Record types
Type | Value | Supported | References |
---|---|---|---|
A | 1 | Y | [RFC1035] |
NS | 2 | Y | [RFC1035] |
MD | 3 | Y | [RFC1035] |
MF | 4 | Y | [RFC1035] |
CNAME | 5 | Y | [RFC1035] |
SOA | 6 | Y | [RFC1035] |
MB | 7 | Y | [RFC1035] |
MG | 8 | Y | [RFC1035] |
MR | 9 | Y | [RFC1035] |
WKS | 11 | Y | [RFC1035] |
PTR | 12 | Y | [RFC1035] |
HINFO | 13 | Y | [RFC1035] |
MX | 15 | Y | [RFC1035] |
TXT | 16 | Y | [RFC1035] |
AAAA | 28 | Y | [RFC3596] |
SRV | 33 | Y | [RFC2782] |
NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
DS | 43 | Y | [RFC4034][RFC3658] |
SSHFP | 44 | Y | [RFC4255] |
RRSIG | 46 | Y | [RFC4034][RFC3755] |
NSEC | 47 | Y | [RFC4034][RFC3755] |
DNSKEY | 48 | Y | [RFC4034][RFC3755] |
NSEC3 | 50 | Y | [RFC5155] |
NSEC3PARAM | 51 | Y | [RFC5155] |
TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
---|---|---|---|---|
3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
8 | RSASHA256 | y | [RFC5702] | - |
10 | RSASHA512 | y | [RFC5702] | - |
13 | ECDSAP256SHA256 | y | [RFC6605] | - |
14 | ECDSAP384SHA384 | y | [RFC6605] | - |
Release 2.2 (2016-07)
Supported operating systems
- MacOS X
- Linux (Debian, CentOS, Arch, ...)
- *BSD (OpenBSD, FreeBSD)
- Solaris
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
- key management, including a tool to generate dnssec keys
- multi-master support
- support for other network models
- re-signing zone file
- fully automated signing of zones and key-roll over
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
- RSA
- DSA
- ECDSA
Mechanisms implemented for DNSSEC
Directives and special constructs
Resource Record types
Type | Value | Supported | References |
---|---|---|---|
A | 1 | Y | [RFC1035] |
NS | 2 | Y | [RFC1035] |
MD | 3 | Y | [RFC1035] |
MF | 4 | Y | [RFC1035] |
CNAME | 5 | Y | [RFC1035] |
SOA | 6 | Y | [RFC1035] |
MB | 7 | Y | [RFC1035] |
MG | 8 | Y | [RFC1035] |
MR | 9 | Y | [RFC1035] |
WKS | 11 | Y | [RFC1035] |
PTR | 12 | Y | [RFC1035] |
HINFO | 13 | Y | [RFC1035] |
MX | 15 | Y | [RFC1035] |
TXT | 16 | Y | [RFC1035] |
AAAA | 28 | Y | [RFC3596] |
SRV | 33 | Y | [RFC2782] |
NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
DS | 43 | Y | [RFC4034][RFC3658] |
SSHFP | 44 | Y | [RFC4255] |
RRSIG | 46 | Y | [RFC4034][RFC3755] |
NSEC | 47 | Y | [RFC4034][RFC3755] |
DNSKEY | 48 | Y | [RFC4034][RFC3755] |
NSEC3 | 50 | Y | [RFC5155] |
NSEC3PARAM | 51 | Y | [RFC5155] |
TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
---|---|---|---|---|
3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
8 | RSASHA256 | y | [RFC5702] | - |
10 | RSASHA512 | y | [RFC5702] | - |
13 | ECDSAP256SHA256 | y | [RFC6605] | - |
14 | ECDSAP384SHA384 | y | [RFC6605] | - |
Release 2.1 (2015-04)
Supported operating systems
- MacOS X
- Linux (Ubuntu, CentOS, ...)
- *BSD (OpenBSD, FreeBSD)
- Solaris
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
Mechanisms implemented for DNSSEC
- re-signing zone file
Directives and special constructs
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
Resource Record types
Type | Value | Supported | References |
---|---|---|---|
A | 1 | Y | [RFC1035] |
NS | 2 | Y | [RFC1035] |
MD | 3 | Y | [RFC1035] |
MF | 4 | Y | [RFC1035] |
CNAME | 5 | Y | [RFC1035] |
SOA | 6 | Y | [RFC1035] |
MB | 7 | Y | [RFC1035] |
MG | 8 | Y | [RFC1035] |
MR | 9 | Y | [RFC1035] |
WKS | 11 | Y | [RFC1035] |
PTR | 12 | Y | [RFC1035] |
HINFO | 13 | Y | [RFC1035] |
MX | 15 | Y | [RFC1035] |
TXT | 16 | Y | [RFC1035] |
AAAA | 28 | Y | [RFC3596] |
SRV | 33 | Y | [RFC2782] |
NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
DS | 43 | Y | [RFC4034][RFC3658] |
SSHFP | 44 | Y | [RFC4255] |
RRSIG | 46 | Y | [RFC4034][RFC3755] |
NSEC | 47 | Y | [RFC4034][RFC3755] |
DNSKEY | 48 | Y | [RFC4034][RFC3755] |
NSEC3 | 50 | Y | [RFC5155] |
NSEC3PARAM | 51 | Y | [RFC5155] |
TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
- RSA
- DSA
Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
---|---|---|---|---|
3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
8 | RSASHA256 | y | [RFC5702] | - |
10 | RSASHA512 | y | [RFC5702] | - |
Release 2.0 (2014-09)
Supported operating systems
- MacOS X
- Linux (Ubuntu, CentOS, ...)
- FreeBSD
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
- full featured client (yadifa), which can be used to control the server
Mechanisms implemented for DNSSEC
- re-signing zone file
Directives and special constructs
- TTL
- ORIGIN
- *(wildcard)
- @ (in zone file)
Resource Record types
Type | Value | Supported | References |
---|---|---|---|
A | 1 | Y | [RFC1035] |
NS | 2 | Y | [RFC1035] |
MD | 3 | Y | [RFC1035] |
MF | 4 | Y | [RFC1035] |
CNAME | 5 | Y | [RFC1035] |
SOA | 6 | Y | [RFC1035] |
MB | 7 | Y | [RFC1035] |
MG | 8 | Y | [RFC1035] |
MR | 9 | Y | [RFC1035] |
WKS | 11 | Y | [RFC1035] |
PTR | 12 | Y | [RFC1035] |
HINFO | 13 | Y | [RFC1035] |
MX | 15 | Y | [RFC1035] |
TXT | 16 | Y | [RFC1035] |
AAAA | 28 | Y | [RFC3596] |
SRV | 33 | Y | [RFC2782] |
NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
DS | 43 | Y | [RFC4034][RFC3658] |
SSHFP | 44 | Y | [RFC4255] |
RRSIG | 46 | Y | [RFC4034][RFC3755] |
NSEC | 47 | Y | [RFC4034][RFC3755] |
DNSKEY | 48 | Y | [RFC4034][RFC3755] |
NSEC3 | 50 | Y | [RFC5155] |
NSEC3PARAM | 51 | Y | [RFC5155] |
TLSA | 52 | Y | [RFC6698] |
Algorithms implemented
- RSA
- DSA
Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
---|---|---|---|---|
3 | DSA | y | [RFC3755][RFC2536] | OPTIONAL |
5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
6 | DSA-NSEC3-SHA1 | y | [RFC5155] | OPTIONAL |
7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |
8 | RSASHA256 | y | [RFC5702] | - |
10 | RSASHA512 | y | [RFC5702] | - |
Extra
- more generic parser
- internal rearrangements
- preparation for new functionality (dynamic provisioning, ...)
Release 1.0 (2012-06)
Supported operating systems
- MacOS X
- Linux (Ubuntu, CentOS, ...)
- FreeBSD
Functionality
- authoritative name server
- DNS UPDATE
- DNS NOTIFY
- AXFR
- IXFR
Mechanisms implemented for DNSSEC
- re-signing zone file
Directives and special constructs
- TTL
- ORIGIN
- *(wildcard)
Resource Record types
Type | Value | Supported | References |
---|---|---|---|
A | 1 | Y | [RFC1035] |
NS | 2 | Y | [RFC1035] |
MD | 3 | Y | [RFC1035] |
MF | 4 | Y | [RFC1035] |
CNAME | 5 | Y | [RFC1035] |
SOA | 6 | Y | [RFC1035] |
MB | 7 | Y | [RFC1035] |
MG | 8 | Y | [RFC1035] |
MR | 9 | Y | [RFC1035] |
WKS | 11 | Y | [RFC1035] |
PTR | 12 | Y | [RFC1035] |
HINFO | 13 | Y | [RFC1035] |
MX | 15 | Y | [RFC1035] |
TXT | 16 | Y | [RFC1035] |
AAAA | 28 | Y | [RFC3596] |
SRV | 33 | Y | [RFC2782] |
NAPTR | 35 | Y | [RFC2915][RFC2168][RFC3403] |
DS | 43 | Y | [RFC4034][RFC3658] |
SSHFP | 44 | Y | [RFC4255] |
RRSIG | 46 | Y | [RFC4034][RFC3755] |
NSEC | 47 | Y | [RFC4034][RFC3755] |
DNSKEY | 48 | Y | [RFC4034][RFC3755] |
NSEC3 | 50 | Y | [RFC5155] |
NSEC3PARAM | 51 | Y | [RFC5155] |
Algorithms implemented
- RSA
Value | Algorithm [Mnemonic] | Zone Signing | References | Status |
---|---|---|---|---|
5 | RSASHA1 | y | [RFC3110][RFC4034] | MANDATORY |
7 | RSASHA1-NSEC3-SHA1 | y | [RFC5155] | MANDATORY |