Red Hat Bugzilla – Bug 998522
DNSSEC support for FreeIPA
Last modified: 2014-12-08 10:25:11 EST
This is a tracking bug for Change: DNSSEC support for FreeIPA
For more details, see: http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC
FreeIPA with integrated DNS server will support serving of DNSSEC secured zones.
This feature is self-contained and not in a testable state yet. It is planned for FreeIPA 3.4 Beta release which is aligned with the F20 schedule.
It is possible that we will not be able to complete the feature in time for Fedora 20 beta.
Contingency mechanism: Do not expose new feature in FreeIPA's user interface (i.e. revert patches for user interface)
Ok, in case you won't be able to finish it by Beta Change Deadline (currently planned for 2013-10-08), let me know and put the bug to the NEW state, version to rawhide.
Thanks for update!
(In reply to Petr Spacek from comment #2)
> It is possible that we will not be able to complete the feature in time for
> Fedora 20 beta.
> Contingency mechanism: Do not expose new feature in FreeIPA's user interface
> (i.e. revert patches for user interface)
Petr, do you have any updates?
I think that DNSSEC will not be prepared for Fedora 20 in time. Nothing should change from user's perspective (in comparison with Fedora 19). See the contingency plan: "Do not expose new feature in FreeIPA's user interface."
I'm moving the bug back to NEW/rawhide, because we are still missing user interface and key management.
Hi Petr, how what's the status of this change for Fedora 21? I see a few dependencies not fulfilled yet, should I move it to Fedora 22? Thanks
We are going to build new freeipa packages today or tomorrow. All the necessary packages are in Koji, we only have to sort out bureocracy around it in Bodhi.
Thanks, based on it, I'm moving it to ON_QA.