Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 998522 - DNSSEC support for FreeIPA
Summary: DNSSEC support for FreeIPA
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: Changes Tracking
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jaroslav Reznik
QA Contact:
URL:
Whiteboard:
Depends On: 1097752 1110720 1121658 1122486 1123354 1150396
Blocks: dnssec 1008203 1008204
TreeView+ depends on / blocked
 
Reported: 2013-08-19 13:28 UTC by Jaroslav Reznik
Modified: 2014-12-08 15:25 UTC (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1008203 1008204 (view as bug list)
Environment:
Last Closed: 2014-12-08 15:25:11 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Jaroslav Reznik 2013-08-19 13:28:19 UTC
This is a tracking bug for Change: DNSSEC support for FreeIPA
For more details, see: http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC

FreeIPA with integrated DNS server will support serving of DNSSEC secured zones.

Comment 1 Tomas Babej 2013-08-28 14:22:11 UTC
This feature is self-contained and not in a testable state yet. It is planned for FreeIPA 3.4 Beta release which is aligned with the F20 schedule.

Comment 2 Petr Spacek 2013-09-02 11:18:58 UTC
It is possible that we will not be able to complete the feature in time for Fedora 20 beta.

From:
http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC#Contingency_Plan
Contingency mechanism: Do not expose new feature in FreeIPA's user interface (i.e. revert patches for user interface)

Comment 3 Jaroslav Reznik 2013-09-04 12:28:20 UTC
Ok, in case you won't be able to finish it by Beta Change Deadline (currently planned for 2013-10-08), let me know and put the bug to the NEW state, version to rawhide.

Thanks for update!

Comment 4 Jaroslav Reznik 2013-09-17 11:43:30 UTC
(In reply to Petr Spacek from comment #2)
> It is possible that we will not be able to complete the feature in time for
> Fedora 20 beta.
> 
> From:
> http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC#Contingency_Plan
> Contingency mechanism: Do not expose new feature in FreeIPA's user interface
> (i.e. revert patches for user interface)

Petr, do you have any updates?

Comment 5 Petr Spacek 2013-09-17 12:33:03 UTC
I think that DNSSEC will not be prepared for Fedora 20 in time. Nothing should change from user's perspective (in comparison with Fedora 19). See the contingency plan: "Do not expose new feature in FreeIPA's user interface."

Comment 6 Petr Spacek 2013-10-02 08:39:01 UTC
I'm moving the bug back to NEW/rawhide, because we are still missing user interface and key management.

Comment 7 Jaroslav Reznik 2014-10-20 14:11:58 UTC
Hi Petr, how what's the status of this change for Fedora 21? I see a few dependencies not fulfilled yet, should I move it to Fedora 22? Thanks

Comment 8 Petr Spacek 2014-10-20 15:20:22 UTC
Hello!

We are going to build new freeipa packages today or tomorrow. All the necessary packages are in Koji, we only have to sort out bureocracy around it in Bodhi.

Comment 9 Jaroslav Reznik 2014-10-21 11:53:24 UTC
Thanks, based on it, I'm moving it to ON_QA.


Note You need to log in before you can comment on or make changes to this bug.