_home
_howto
_download
_installation
_privacy
_legalnotice

Sources available on github

https://github.com/pmconrad/tinydnssec

2020-10-14: Version 1.8 released

This version contains these changes:

• Avoid adding duplicate NSEC3 RRs to a response - while this is IMO not a bug, a user has reported that it leads to failures on Google's resolver.
• Fixed some compiler warnings

tinydnssec-1.05-1.8.tar.bz2, PGPSIG
SHA1: 6a26b4501c9e58eac94065115f63c937920ccd1f
SHA256: b767469b87a6bf2b020a54ef2f9d86f37237e19217305fa7c06f93e7cfa96195

2020-06-09: Version 1.7 released

This version contains two fixes:

• the database entries containing hashed domain names would shadow a top-level wildcard, e. g. "1.example.com" would shadow "*.example.com"
• in some cases, the code would select the wrong set of NSEC3 RRs when trying to prove a negative response

Note: the data file created by this version of tinydns-sign is not compatible with older versions of tinydns / axfrdns, and vice versa. This means you must re-sign your data files (and re-run tinydns-data after up- or downgrading.

tinydnssec-1.05-1.7.tar.bz2, PGPSIG
SHA1: 695e9507863c2829cd27bf0df17f2b217754aa04
SHA256: b0696deea92c85456a7bbc14c156df28e42627ad6b6b825ac8bed09768e5213b

2020-05-18: Version 1.6 released

This version contains a fix for a rare situation where tinydns-sign would run into an endless loop.

tinydnssec-1.05-1.6.tar.bz2, PGPSIG
MD5: a54bc27a0fe2bbb4c594b2ba603826fc
SHA1: 4799572565dee5e9dd47a206f3da24d445473e06
SHA256: 019d7d1aafcc20e232d59b524c721f38d87d8e8b605718b44e13eb13d2edda5f

2019-07-22: Version 1.5 released

This version contains an important a bugfix regarding the handling of wildcard records.

tinydnssec-1.05-1.5.tar.bz2, PGPSIG
MD5: 9e082b22dcd1b6a8dd21fb7d5ecada90
SHA1: 5330e7e790cbfd7cc9d301e7f51f8a8ba72aa9e0

2015-05-13: Version 1.4 released

This version contains an important bugfix regarding invalid signatures on generic records or TXT records with octal escapes of less than 3 digits.

tinydnssec-1.05-1.4.tar.bz2, PGPSIG
MD5: 5945076f6a6d10f1586dc08b0d45e5c5
SHA1: 13da9779ecfec801ddec10634d243cdd1858e588

2012-12-09: Version 1.3 released

This version contains an important bugfix regarding failures on DNSSEC-enabled queries on unsigned domains where the response should have been NXDOMAIN, NODATA or a wildcard response.

tinydnssec-1.05-1.3.tar.bz2, PGPSIG
MD5: 7ba7f80b4f5a9ece1ba71e931b570d9d
SHA1: b33d5c3e0de67f6427aad8c00a99580b59804075

Version 1.2 (unreleased)

• Minor makefile fix
• Added sanity check on algorithm parameter in key generation
• License clarification

2012-09-20: IPO - Version 1.1 released

tinydnssec-1.05-1.1.tar.bz2
MD5: c82c5305d6a62f7bcc0c19ac81114d51
SHA1: c11398ef1672a90cdfdf6e0720513d9770e889c1