Add release note for [GL #3469]

author Mark Andrews <marka@isc.org>

Thu, 21 Jul 2022 23:13:09 +0000 (09:13 +1000)

committer Mark Andrews <marka@isc.org>

Mon, 25 Jul 2022 15:37:49 +0000 (11:37 -0400)
author Mark Andrews <marka@isc.org>
Thu, 21 Jul 2022 23:13:09 +0000 (09:13 +1000)
committer Mark Andrews <marka@isc.org>
Mon, 25 Jul 2022 15:37:49 +0000 (11:37 -0400)
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst

index e5182971841963138d823ecc29e54403c880a535..e5ae67b234279c71e35cf2307fa199ca4dcb3fd3 100644 (file)
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -35,7 +35,12 @@ Removed Features
  Feature Changes
  ~~~~~~~~~~~~~~~
  
-- None.
+- DNSSEC ``RSASHA1`` and ``NSEC3RSASHA1`` are automatically disabled
+  on systems (e.g. RHEL9) where they are disallowed by the security
+  policy.  Primary zones using those algorithms need to be moved
+  off of them prior to running on these systems as graceful migration
+  to different DNSSEC algorithms is not possible when RSASHA1 is
+  disallowed by the OS. :gl:`#3469`
  
  Bug Fixes
  ~~~~~~~~~
author	Mark Andrews <marka@isc.org>
	Thu, 21 Jul 2022 23:13:09 +0000 (09:13 +1000)
committer	Mark Andrews <marka@isc.org>
	Mon, 25 Jul 2022 15:37:49 +0000 (11:37 -0400)