Bug 1664718
Summary: | [RFE] IdM DNSSEC support | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Martin Kosek <mkosek> |
Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | ipa-qe <ipa-qe> |
Severity: | unspecified | Docs Contact: | lmcgarry |
Priority: | medium | ||
Version: | 8.0 | CC: | abokovoy, fhanzelk, igkioka, ksiddiqu, lkuprova, lmanasko, lmcgarry, mvarun, pasik, pvoborni, rcritten, tscherf |
Target Milestone: | rc | Keywords: | FutureFeature, TechPreview |
Target Release: | 8.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-4.7.1-7.module+el8+2555+b334d87b | Doc Type: | Technology Preview |
Doc Text: |
.DNSSEC available as Technology Preview in IdM
Identity Management (IdM) servers with integrated DNS now implement DNS Security Extensions (DNSSEC), a set of extensions to DNS that enhance security of the DNS protocol. DNS zones hosted on IdM servers can be automatically signed using DNSSEC. The cryptographic keys are automatically generated and rotated.
Users who decide to secure their DNS zones with DNSSEC are advised to read and follow these documents:
* link:https://datatracker.ietf.org/doc/html/rfc6781[DNSSEC Operational Practices, Version 2]
* link:http://dx.doi.org/10.6028/NIST.SP.800-81-2[Secure Domain Name System (DNS) Deployment Guide]
* link:https://datatracker.ietf.org/doc/html/rfc7583[DNSSEC Key Rollover Timing Considerations]
Note that IdM servers with integrated DNS use DNSSEC to validate DNS answers obtained from other DNS servers. This might affect the availability of DNS zones that are not configured in accordance with recommended naming practices.
|
Story Points: | --- |
Clone Of: | 1115294 | Environment: | |
Last Closed: | 2019-06-14 02:05:13 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1115294, 2084180 | ||
Bug Blocks: |
Description
Martin Kosek
2019-01-09 13:52:01 UTC
|