Add release note for [GL #3469]

author Mark Andrews <marka@isc.org>

Thu, 21 Jul 2022 23:13:09 +0000 (09:13 +1000)

committer Mark Andrews <marka@isc.org>

Mon, 25 Jul 2022 14:32:48 +0000 (10:32 -0400)
author Mark Andrews <marka@isc.org>
Thu, 21 Jul 2022 23:13:09 +0000 (09:13 +1000)
committer Mark Andrews <marka@isc.org>
Mon, 25 Jul 2022 14:32:48 +0000 (10:32 -0400)
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst

index bbc6fc35bfb61950444db4849207d278326cb707..a41370d496476aa7d120c6eba4dbf0ce6d9586b5 100644 (file)
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -41,7 +41,12 @@ Removed Features
  Feature Changes
  ~~~~~~~~~~~~~~~
  
-- None.
+- DNSSEC ``RSASHA1`` and ``NSEC3RSASHA1`` are automatically disabled
+  on systems (e.g. RHEL9) where they are disallowed by the security
+  policy.  Primary zones using those algorithms need to be moved
+  off of them prior to running on these systems as graceful migration
+  to different DNSSEC algorithms is not possible when RSASHA1 is
+  disallowed by the OS. :gl:`#3469`
  
  Bug Fixes
  ~~~~~~~~~
author	Mark Andrews <marka@isc.org>
	Thu, 21 Jul 2022 23:13:09 +0000 (09:13 +1000)
committer	Mark Andrews <marka@isc.org>
	Mon, 25 Jul 2022 14:32:48 +0000 (10:32 -0400)