Maintenance Blog

We have a candidate for the upcoming 0.22 release of Net::DNS::SEC.
This release introduces the following new features and improvements:

RRSIG::siginception and RRSIG::siginception in time values

RRSIG::siginception and RRSIG::siginception now returns, besides the format date in string context like before, the date as seconds since epoch in numeric context.

ECDSA and GOST signature creation and verification

The optional Crypt::OpenSSL::EC, Crypt::OpenSSL::ECDSA and Digest::GOST need to be available to enable this feature.

Version requirements detection for optional modules

Besides the optional modules just mentioned, Crypt::OpenSSL::Random is an optional module which enables private key generation and Digest::BubbleBabble enables Net::DNS::RR::DS::babble

Besides these features, architectural modifications have been made to loosen the Net::DNS::RR::* classes from the Net::DNS::SEC package, so that they can be added to the regular Net::DNS in the future, although without cryptographic operations.

To this end, all cryptographic operations are now concentrated in their own modules Net::DNS::SEC::RSA, Net::DNS::SEC::DSA, Net::DNS::SEC::ECDSA and Net::DNS::SEC::ECCGOST.

An affected module of this rework is Net::DNS::SEC::Private.   This module previously performed cryptographic operations with the generate_rsa, new_rsa_priv and dump_rsa_* methods.