Bug 998522 - DNSSEC support for FreeIPA
DNSSEC support for FreeIPA
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: Changes Tracking (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Jaroslav Reznik
: Tracking
Depends On: 1097752 1110720 1121658 1122486 1123354 1150396
Blocks: dnssec 1008203 1008204
  Show dependency treegraph
 
Reported: 2013-08-19 09:28 EDT by Jaroslav Reznik
Modified: 2014-12-08 10:25 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1008203 1008204 (view as bug list)
Environment:
Last Closed: 2014-12-08 10:25:11 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jaroslav Reznik 2013-08-19 09:28:19 EDT
This is a tracking bug for Change: DNSSEC support for FreeIPA
For more details, see: http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC

FreeIPA with integrated DNS server will support serving of DNSSEC secured zones.
Comment 1 Tomas Babej 2013-08-28 10:22:11 EDT
This feature is self-contained and not in a testable state yet. It is planned for FreeIPA 3.4 Beta release which is aligned with the F20 schedule.
Comment 2 Petr Spacek 2013-09-02 07:18:58 EDT
It is possible that we will not be able to complete the feature in time for Fedora 20 beta.

From:
http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC#Contingency_Plan
Contingency mechanism: Do not expose new feature in FreeIPA's user interface (i.e. revert patches for user interface)
Comment 3 Jaroslav Reznik 2013-09-04 08:28:20 EDT
Ok, in case you won't be able to finish it by Beta Change Deadline (currently planned for 2013-10-08), let me know and put the bug to the NEW state, version to rawhide.

Thanks for update!
Comment 4 Jaroslav Reznik 2013-09-17 07:43:30 EDT
(In reply to Petr Spacek from comment #2)
> It is possible that we will not be able to complete the feature in time for
> Fedora 20 beta.
> 
> From:
> http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC#Contingency_Plan
> Contingency mechanism: Do not expose new feature in FreeIPA's user interface
> (i.e. revert patches for user interface)

Petr, do you have any updates?
Comment 5 Petr Spacek 2013-09-17 08:33:03 EDT
I think that DNSSEC will not be prepared for Fedora 20 in time. Nothing should change from user's perspective (in comparison with Fedora 19). See the contingency plan: "Do not expose new feature in FreeIPA's user interface."
Comment 6 Petr Spacek 2013-10-02 04:39:01 EDT
I'm moving the bug back to NEW/rawhide, because we are still missing user interface and key management.
Comment 7 Jaroslav Reznik 2014-10-20 10:11:58 EDT
Hi Petr, how what's the status of this change for Fedora 21? I see a few dependencies not fulfilled yet, should I move it to Fedora 22? Thanks
Comment 8 Petr Spacek 2014-10-20 11:20:22 EDT
Hello!

We are going to build new freeipa packages today or tomorrow. All the necessary packages are in Koji, we only have to sort out bureocracy around it in Bodhi.
Comment 9 Jaroslav Reznik 2014-10-21 07:53:24 EDT
Thanks, based on it, I'm moving it to ON_QA.

Note You need to log in before you can comment on or make changes to this bug.