Bug 11370 - dns_signer not shipped
dns_signer not shipped
Product: Red Hat Linux
Classification: Retired
Component: bind (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Bernhard Rosenkraenzer
Depends On:
  Show dependency treegraph
Reported: 2000-05-11 15:02 EDT by Derek Atkins
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2000-05-22 13:59:02 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Derek Atkins 2000-05-11 15:02:45 EDT
You do not ship dns_signer, the application needed to generate a Secure DNS
Zone (as per DNSSEC), as part of the standard bind package.  It is part of
the contrib section of BIND 8.2.2, but it does not get built as part of the
current bind rpm build process.

Without dns_signer, you cannot generate a DNSSEC Secure Zone file.

Could you please build the dns_signer and also ship it with the Bind RPM?

Comment 1 Nalin Dahyabhai 2000-05-22 13:59:59 EDT
Please correct me if I'm wrong, but I understood that the DNSSEC protocols use
RSA-MD5 signatures, which require use of a patented algorithm.
Comment 2 Bernhard Rosenkraenzer 2000-08-03 05:25:40 EDT
We'll probably "fix" this some time after the RSA patent expired.
#include <patents/suck.h>
Comment 3 Derek Atkins 2000-08-03 14:41:46 EDT
FYI, RSADSI has given a license to BIND specifically to enable the distribution
of SecureDNS.  If you'd like I can go find you the relevant websites that have
the license information, but a web search of DNS RSA and License should find
it.  In particular, John Gilmore was instrumental in obtaining such a license.
Comment 4 Andrew Bartlett 2001-01-04 19:33:32 EST
I think this is all sorted with bind 9.1, as RSA has expired and bind now uses
OpenSSL. (The SecureDNS licence, from what I remember, was not strictly 'Open

Note You need to log in before you can comment on or make changes to this bug.