Loop version 1.99.5 is available
August 4, 2025
Loop version 1.99.5 has been released (tagged at 1.99.5-20250803090512.84dee3c593). This is in a series of releases made from the 1.99 development branch.
The following are release notes for Loop 1.99.5:
- RT1577: Loop now applies a maximum RSA public exponent size of 256 bits during DNSSEC validation. Previously it was unlimited, and the DNS standards currently suggest no limit for the RSA public exponent either. An unlimited RSA public exponent size can increase RSA signature validation times significantly. There was no vulnerability due to this lack of limit in practice, as other limits in buffer sizes and the OpenSSL library restricted the maximum exponent size that could be successfully used. However, these effects were serendipitous, and an explicit limit of 256 bits has now been set as suggested in FIPS 186-5 and NIST SP 800-56B. The maximum allowed RSA public exponent size can be configured using the max-rsa-exponent-size config option of named.conf(5). 256 bits is also the maximum value allowed for the max-rsa-exponent-size config option. RSA DNSKEYs created by Loop continue to use the fixed public exponent 65537, which is 17 bits long.

- RT1569: dnssec-keygen(1) can now create encrypted DNSKEY private keys, so that private key material can be stored encrypted at rest on disk. Until now, private key material could only be stored in clear-text, unencrypted form in files named Knnnn.+aaa+iiiii.private, where <nnnn> is the key name, <aaa> is the numeric representation of the algorithm, and <iiiii> is the key identifier. If better security for the key material was needed, the only other alternative was to store the keys in a hardware security module (HSM). Now, as another option, the DNSSEC programs allow storing and using private keys in an encrypted Knnnn.+aaa+iiiii.pem file alongside the existing Knnnn.+aaa+iiiii.key and Knnnn.+aaa+iiiii.private files. In this case, the private key material fields are stored in the encrypted Knnnn.+aaa+iiiii.pem file instead of the clear-text Knnnn.+aaa+iiiii.private file, whereas the Knnnn.+aaa+iiiii.private file continues to store key metadata. This protects the private key material at rest.

- RT1592: The Loop system tests have been updated to use modern DNSSEC algorithms, and RSASHA1 and NSEC3RSASHA1 are no longer used except to test specific cases where their use is required. This is in preparation for the approval of draft-ietf-dnsop-must-not-sha1, after which support for DNSSEC signing with RSA + SHA-1 will be dropped. dnssec-keygen(1) and dnssec-keyfromlabel(1) now print a warning if RSASHA1 or NSEC3RSASHA1 keys are created.

- RT1591: DNSSEC programs such as dnssec-keygen(1) and dnssec-keyfromlabel(1) now require the DNSKEY algorithm to be specified explicitly using the -a command-line argument. There is no longer a default selection of the algorithm. References have been added to the manpage on selecting a suitable algorithm. This avoids surprises when these programs are used in scripts and the default algorithm would otherwise have to change.

- RT1579: The platform.h header, which catered to differences in obsolete POSIX platforms, has been removed as the source code tree has been modernized in recent years. This is not a user-visible change.
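The RT1577 change above bounds the RSA public exponent before a validator spends time on a signature check. The following is an added example, written for these notes and not Loop's own validation code, showing what such a check looks like on a DNSKEY record: it parses the DNSKEY RDATA layout of RFC 4034 and the RSA public key encoding of RFC 3110 (exponent length prefix, exponent, modulus), measures the exponent's bit length, and rejects anything above the 256-bit limit. The sample keys, the modulus value and the helper names (check_dnskey, make_rsa_dnskey, demo) are constructed for the example; the algorithm numbers are the standard DNSSEC RSA codes.

```python
"""Added example: enforce a maximum RSA public-exponent size when parsing a
DNSKEY RR, mirroring the 256-bit limit Loop 1.99.5 applies (RT1577).
Illustrative code written for these notes, not Loop's implementation.
DNSKEY wire layout: RFC 4034 section 2; RSA public key blob: RFC 3110 section 2."""
import struct

MAX_RSA_EXPONENT_BITS = 256  # Loop's default and hard maximum for max-rsa-exponent-size

# DNSKEY algorithm numbers whose public key field is an RFC 3110 RSA blob
RSA_ALGORITHMS = {5, 7, 8, 10}  # RSASHA1, NSEC3RSASHA1, RSASHA256, RSASHA512


class DnskeyError(ValueError):
    """Raised when a DNSKEY is malformed or its exponent exceeds the limit."""


def parse_rsa_public_key(pubkey: bytes) -> tuple[int, int]:
    """Split an RFC 3110 public key blob into (exponent, modulus) integers.

    Layout: a 1-byte exponent length, or 0x00 followed by a 2-byte big-endian
    length for exponents longer than 255 bytes; then the exponent; then the
    modulus, which occupies the rest of the blob.
    """
    if len(pubkey) < 1:
        raise DnskeyError("empty RSA public key")
    if pubkey[0] != 0:
        exp_len, offset = pubkey[0], 1
    else:
        if len(pubkey) < 3:
            raise DnskeyError("truncated RSA exponent length")
        exp_len, offset = struct.unpack("!H", pubkey[1:3])[0], 3
    if exp_len == 0:
        raise DnskeyError("zero-length RSA exponent")
    exponent = pubkey[offset:offset + exp_len]
    modulus = pubkey[offset + exp_len:]
    if len(exponent) != exp_len or not modulus:
        raise DnskeyError("truncated RSA public key")
    return int.from_bytes(exponent, "big"), int.from_bytes(modulus, "big")


def check_dnskey(rdata: bytes, max_exponent_bits: int = MAX_RSA_EXPONENT_BITS) -> dict:
    """Parse DNSKEY RDATA and reject RSA keys whose public exponent is too large.

    Returns a dict describing the key; raises DnskeyError on rejection.
    Non-RSA algorithms are returned as-is since they have no exponent to bound.
    """
    if len(rdata) < 4:
        raise DnskeyError("DNSKEY RDATA shorter than its fixed header")
    flags, protocol, algorithm = struct.unpack("!HBB", rdata[:4])
    info = {"flags": flags, "protocol": protocol, "algorithm": algorithm}
    if algorithm not in RSA_ALGORITHMS:
        return info
    exponent, modulus = parse_rsa_public_key(rdata[4:])
    bits = exponent.bit_length()
    if bits > max_exponent_bits:
        raise DnskeyError(f"RSA public exponent is {bits} bits, limit is {max_exponent_bits}")
    info.update(exponent_bits=bits, modulus_bits=modulus.bit_length())
    return info


def make_rsa_dnskey(exponent: int, modulus: int, algorithm: int = 8) -> bytes:
    """Build constructed DNSKEY RDATA (KSK flags 257, protocol 3) for the demo.

    The modulus passed in is a made-up number, not a real key.
    """
    exp_bytes = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    if len(exp_bytes) < 256:
        prefix = bytes([len(exp_bytes)])
    else:
        prefix = b"\x00" + struct.pack("!H", len(exp_bytes))
    mod_bytes = modulus.to_bytes((modulus.bit_length() + 7) // 8, "big")
    return struct.pack("!HBB", 257, 3, algorithm) + prefix + exp_bytes + mod_bytes


# Constructed sample keys: the customary e=65537 (17 bits) and a 300-bit exponent.
FAKE_MODULUS = int.from_bytes(bytes((i * 37 + 11) % 256 for i in range(256)), "big") | (1 << 2047)
NORMAL_KEY = make_rsa_dnskey(65537, FAKE_MODULUS)
OVERSIZED_KEY = make_rsa_dnskey((1 << 299) | 1, FAKE_MODULUS)


def demo() -> tuple[int, str]:
    """Return (exponent bits of the normal key, rejection reason for the oversized key)."""
    accepted = check_dnskey(NORMAL_KEY)
    try:
        check_dnskey(OVERSIZED_KEY)
        reason = ""
    except DnskeyError as err:
        reason = str(err)
    return accepted["exponent_bits"], reason


if __name__ == "__main__":
    print(demo())
```

The limit is applied before any modular exponentiation, so a record carrying an oversized exponent costs the validator only a parse. Raising max_exponent_bits above 256 in check_dnskey is possible in this example, whereas Loop caps the max-rsa-exponent-size option at 256.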
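For the RT1569 change above, an operator migrating to encrypted .pem files wants to confirm that no Knnnn.+aaa+iiiii.private file still holds secret fields in clear text. The following is an added example, not Loop's tooling, that audits a set of key files: it recognises the Knnnn.+aaa+iiiii.{key,private,pem} naming described in the notes, parses the "Field: value" lines of each .private file, and reports any key whose .private file still contains secret material or which lacks a .pem companion. It assumes the BIND-style text layout of .private files (Private-key-format, Algorithm, PrivateExponent, Prime1, and so on); the field set, the file contents and the helper names (audit_keys, parse_private_file) are constructed for the example, and the sample files are in-memory placeholders rather than real keys.

```python
"""Added example: audit DNSSEC key files for private key material left in
clear text after moving secrets into encrypted Knnnn.+aaa+iiiii.pem files.
Illustrative code written for these notes, not Loop's own tooling. It
assumes the BIND-style 'Field: value' text layout for .private files."""
import re
from collections import defaultdict

# Key file naming used by the DNSSEC programs: K<name>+<alg>+<keyid>.<ext>
KEYFILE_RE = re.compile(
    r"^K(?P<name>.+)\+(?P<alg>\d{3})\+(?P<id>\d{5})\.(?P<ext>key|private|pem)$"
)

# Fields whose values are secret (assumed field names from the BIND-style
# .private layout); everything else in .private is public or metadata.
SECRET_FIELDS = {
    "PrivateKey", "PrivateExponent", "Prime1", "Prime2",
    "Exponent1", "Exponent2", "Coefficient",
}


def parse_private_file(text: str) -> dict[str, str]:
    """Parse 'Field: value' lines of a .private file into a dict."""
    fields = {}
    for line in text.splitlines():
        if ":" in line:
            key, _, value = line.partition(":")
            fields[key.strip()] = value.strip()
    return fields


def audit_keys(files: dict[str, str]) -> list[dict]:
    """Group key files by (name, alg, id) and report how each key stores its secret.

    A key passes when an encrypted .pem is present and its .private file
    carries no secret fields (metadata only).
    """
    keys = defaultdict(dict)
    for filename, content in files.items():
        m = KEYFILE_RE.match(filename)
        if m:
            keys[(m["name"], int(m["alg"]), int(m["id"]))][m["ext"]] = content
    report = []
    for (name, alg, keyid), parts in sorted(keys.items()):
        fields = parse_private_file(parts.get("private", ""))
        leaked = sorted(SECRET_FIELDS & fields.keys())
        report.append({
            "name": name,
            "algorithm": alg,
            "keyid": keyid,
            "has_pem": "pem" in parts,
            "cleartext_secret_fields": leaked,
            "ok": "pem" in parts and not leaked,
        })
    return report


# Constructed sample key set: one legacy key with everything in clear text,
# one migrated key whose secret lives only in an encrypted .pem. Values are
# placeholders, not real key material.
SAMPLE_FILES = {
    "Kexample.com.+008+12345.key": "example.com. IN DNSKEY 257 3 8 PLACEHOLDER",
    "Kexample.com.+008+12345.private": (
        "Private-key-format: v1.3\nAlgorithm: 8 (RSASHA256)\n"
        "Modulus: PLACEHOLDER\nPublicExponent: AQAB\n"
        "PrivateExponent: PLACEHOLDER\nPrime1: PLACEHOLDER\nPrime2: PLACEHOLDER\n"
        "Exponent1: PLACEHOLDER\nExponent2: PLACEHOLDER\nCoefficient: PLACEHOLDER\n"
        "Created: 20250801000000\nPublish: 20250801000000\nActivate: 20250801000000\n"
    ),
    "Kexample.net.+013+54321.key": "example.net. IN DNSKEY 257 3 13 PLACEHOLDER",
    "Kexample.net.+013+54321.private": (
        "Private-key-format: v1.3\nAlgorithm: 13 (ECDSAP256SHA256)\n"
        "Created: 20250801000000\nPublish: 20250801000000\nActivate: 20250801000000\n"
    ),
    "Kexample.net.+013+54321.pem": (
        "-----BEGIN ENCRYPTED PRIVATE KEY-----\nPLACEHOLDER\n"
        "-----END ENCRYPTED PRIVATE KEY-----\n"
    ),
}


def demo() -> list[dict]:
    """Run the audit over the constructed sample files."""
    return audit_keys(SAMPLE_FILES)


if __name__ == "__main__":
    for entry in demo():
        status = "ok" if entry["ok"] else "CLEARTEXT" if entry["cleartext_secret_fields"] else "no .pem"
        print(f"{entry['name']} alg={entry['algorithm']} id={entry['keyid']:05d}: {status}")
```

To run this against a real key directory, build the files dict from os.listdir and the file contents; the .pem content is never parsed, only its presence is checked, so the passphrase is not needed for the audit.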
Other changes were made to the tree that are not ready for public release.
Some more development releases will be made from this branch until Loop 2.0 is ready to be branched. You can read about Loop branches and version numbering.