From: Evan Hunt Date: Tue, 2 Feb 2021 23:47:52 +0000 (-0800) Subject: CHANGES, release notes X-Git-Tag: v9.17.10~7^2 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=91718fe4fb49559271f3319c70539b80a146b5fb;p=thirdparty%2Fbind9.git CHANGES, release notes --- diff --git a/CHANGES b/CHANGES index cd946939a12..1f8591e7ae5 100644 --- a/CHANGES +++ b/CHANGES @@ -1,7 +1,9 @@ -5576. [func] Initial support for DNS-over-HTTP(S). BIND now - includes DNS-over-HTTP(S) layer built on top of nghttp2. - Both encrypted and unencrypted HTTP/2 connections - are supported. [GL !4566] +5576. [experimental] Initial server-side implementation of DNS-over-HTTPS + (DoH). Support for both TLS-encrypted and unencrypted + HTTP/2 connections has been added to the network manager + and integrated into named. (Note: there is currently no + client-side support for DNS-over-HTTPS; this will be + added to dig in a future release.) [GL #1144] 5575. [bug] When migrating to dnssec-policy, BIND considered keys with the "Inactive" and/or "Delete" timing metadata as diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index ae6b01a7e29..ba95f08b248 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -52,12 +52,12 @@ New Features an optional ``tls`` option which specifies either a previously configured ``tls`` statement or ``ephemeral``. [GL #2392] -- ``named`` now has initial support for DNS-over-HTTP(S). Both - encrypted (via TLS) and unencrypted HTTP/2 connections are supported. - The latter are mostly there for debugging/troubleshooting - purposes and for the means of encryption offloading to third-party - software (as might be desirable in some environments to aid in TLS - certificates management). [GL !4566] +- ``named`` now supports DNS-over-HTTPS (DoH). Both TLS-encrypted and + unencrypted HTTP/2 connections are supported (the latter may be used to + offload encryption to other software). + + Note that there is no client-side support for HTTPS as yet; this will be + added to ``dig`` in a future release. [GL #1144] Removed Features ~~~~~~~~~~~~~~~~