Add CHANGES and release note for #1129

author Matthijs Mekking <matthijs@isc.org>

Thu, 17 Mar 2022 09:03:02 +0000 (10:03 +0100)

committer Matthijs Mekking <matthijs@isc.org>

Thu, 25 Jan 2024 13:48:06 +0000 (14:48 +0100)
author Matthijs Mekking <matthijs@isc.org>
Thu, 17 Mar 2022 09:03:02 +0000 (10:03 +0100)
committer Matthijs Mekking <matthijs@isc.org>
Thu, 25 Jan 2024 13:48:06 +0000 (14:48 +0100)
diff --git a/CHANGES b/CHANGES

index d70f42d04cac4b3dd7d774654909877cefdca344..b22184cf5e10ecdca64d7c8c6c9dda3418e2e9ef 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,8 @@
+6329.  [func]          Add HSM support for dnssec-policy. You can now
+                       configure keys with a key-store that allows you to
+                       set the directory to store key files and to set a
+                       PKCS #11 URI string. [GL #1129]
+
  6328.  [doc]           Update ZSK minimum lifetime documentation in ARM, also
                         depends on signing delay. [GL #4510]
  
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst

index 9867bbdc3ad00f512491f8b253daef11e769c0a5..9aa27c16aeffcc4b2add6b460b7fed66d9343b7b 100644 (file)
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -28,6 +28,11 @@ New Features
  - The statistics channel now includes counters that indicate the number
    of currently connected TCP IPv4/IPv6 clients. :gl:`#4425`
  
+- Add HSM support to :any:`dnssec-policy`. You can now configure keys with a
+  ``key-store`` that allows you to set the directory to store the key files and
+  set a PKCS#11 URI string. The latter requires OpenSSL 3 and a valid PKCS#11
+  provider to be configured for OpenSSL. :gl`#1129`.
+
  Removed Features
  ~~~~~~~~~~~~~~~~
author	Matthijs Mekking <matthijs@isc.org>
	Thu, 17 Mar 2022 09:03:02 +0000 (10:03 +0100)
committer	Matthijs Mekking <matthijs@isc.org>
	Thu, 25 Jan 2024 13:48:06 +0000 (14:48 +0100)
CHANGES		patch \| blob \| blame \| history
doc/notes/notes-current.rst		patch \| blob \| blame \| history