Bug 11370 - dns_signer not shipped
Summary: dns_signer not shipped
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: bind   
(Show other bugs)
Version: 6.2
Hardware: All Linux
Target Milestone: ---
Assignee: Bernhard Rosenkraenzer
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2000-05-11 19:02 UTC by Derek Atkins
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2000-05-22 17:59:02 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Derek Atkins 2000-05-11 19:02:45 UTC
You do not ship dns_signer, the application needed to generate a Secure DNS
Zone (as per DNSSEC), as part of the standard bind package.  It is part of
the contrib section of BIND 8.2.2, but it does not get built as part of the
current bind rpm build process.

Without dns_signer, you cannot generate a DNSSEC Secure Zone file.

Could you please build the dns_signer and also ship it with the Bind RPM?


Comment 1 Nalin Dahyabhai 2000-05-22 17:59:59 UTC
Please correct me if I'm wrong, but I understood that the DNSSEC protocols use
RSA-MD5 signatures, which require use of a patented algorithm.

Comment 2 Bernhard Rosenkraenzer 2000-08-03 09:25:40 UTC
We'll probably "fix" this some time after the RSA patent expired.
#include <patents/suck.h>

Comment 3 Derek Atkins 2000-08-03 18:41:46 UTC
FYI, RSADSI has given a license to BIND specifically to enable the distribution
of SecureDNS.  If you'd like I can go find you the relevant websites that have
the license information, but a web search of DNS RSA and License should find
it.  In particular, John Gilmore was instrumental in obtaining such a license.

Comment 4 Andrew Bartlett 2001-01-05 00:33:32 UTC
I think this is all sorted with bind 9.1, as RSA has expired and bind now uses
OpenSSL. (The SecureDNS licence, from what I remember, was not strictly 'Open

Note You need to log in before you can comment on or make changes to this bug.