Loop version 1.99.5 is available

August 4, 2025

Loop version 1.99.5 has been released (tagged at 1.99.5-20250803090512.84dee3c593). This is in a series of releases made from the 1.99 development branch.

The following are release notes for Loop 1.99.5:

  • RT1577: Loop now applies a maximum RSA public exponent size of 256 bits during DNSSEC validation. Previously the size was unlimited, and the DNS standards currently suggest no limit for the RSA public exponent. An unlimited RSA public exponent size can increase RSA signature validation times significantly. In practice there was no vulnerability due to this missing limit, because other limits (buffer sizes and the OpenSSL library) restricted the maximum exponent size that could be successfully used. However, that protection was serendipitous, and an explicit limit of 256 bits has now been set, as suggested in FIPS 186-5 and NIST SP 800-56B. The maximum allowed RSA public exponent size can be configured using the max-rsa-exponent-size config option of named.conf(5); 256 bits is also the maximum value allowed for that option. RSA DNSKEYs created by Loop continue to use the fixed public exponent 65537, which is 17 bits long.
  • RT1569: dnssec-keygen(1) can now create encrypted DNSKEY private keys, so that private key material can be stored encrypted at rest on disk. Until now, private key material could only be stored in unencrypted clear-text form in files named Knnnn.+aaa+iiiii.private, where nnnn is the key name, aaa is the numeric representation of the algorithm, and iiiii is the key identifier. If better security for the key material was needed, the only alternative was to store the keys in a hardware security module (HSM). Now, as another option, the DNSSEC programs allow storing and using private keys in an encrypted Knnnn.+aaa+iiiii.pem file alongside the existing Knnnn.+aaa+iiiii.key and Knnnn.+aaa+iiiii.private files. In this case, the private key material fields are stored in the encrypted Knnnn.+aaa+iiiii.pem file instead of the clear-text Knnnn.+aaa+iiiii.private file, while the Knnnn.+aaa+iiiii.private file continues to store the key metadata. This protects the private key material at rest.
  • RT1592: The Loop system tests have been updated to use modern DNSSEC algorithms; RSASHA1 and NSEC3RSASHA1 are no longer used except to test specific cases where their use is required. This is in preparation for the approval of draft-ietf-dnsop-must-not-sha1, after which support for DNSSEC signing with RSA + SHA-1 will be dropped. dnssec-keygen(1) and dnssec-keyfromlabel(1) now print a warning if RSASHA1 or NSEC3RSASHA1 keys are created.
  • RT1591: DNSSEC programs such as dnssec-keygen(1) and dnssec-keyfromlabel(1) now require the DNSKEY algorithm to be specified explicitly using the -a command-line argument. There is no longer a default algorithm. References on selecting a suitable algorithm have been added to the manpage. This avoids surprises when these programs are used in scripts and the default algorithm would otherwise have to change.
  • RT1579: The platform.h header, which catered to differences among obsolete POSIX platforms, has been removed, as the source code tree has been modernized in recent years. This is not a user-visible change.
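As an added example (not Loop's own code), the following Python audit ties together two of the notes above, RT1577 and RT1592: it parses DNSKEY records in presentation form, splits the RFC 3110 RSA public key layout into exponent and modulus, measures the public exponent against the 256-bit limit described for max-rsa-exponent-size, and flags the RSASHA1 and NSEC3RSASHA1 algorithm numbers that dnssec-keygen(1) now warns about. The sample modulus and records are constructed for the demonstration and are not real keys; the function and constant names are this example's own, not part of Loop.

```python
"""Audit DNSKEY records for an oversized RSA public exponent and for the
SHA-1 based RSA algorithms.  Added example; not Loop's own code."""
import base64
import struct

# DNSSEC algorithm numbers (IANA DNS Security Algorithm Numbers registry).
RSASHA1 = 5
NSEC3RSASHA1 = 7
RSASHA256 = 8
RSASHA512 = 10
RSA_ALGORITHMS = {RSASHA1, NSEC3RSASHA1, RSASHA256, RSASHA512}
SHA1_ALGORITHMS = {RSASHA1, NSEC3RSASHA1}

# Limit described in the release notes (max-rsa-exponent-size, at most 256 bits).
MAX_RSA_EXPONENT_BITS = 256


def parse_rsa_public_key(key: bytes) -> tuple[int, int]:
    """Split an RFC 3110 RSA public key into (exponent, modulus).

    Wire layout: a 1-byte exponent length, or a 0x00 byte followed by a
    2-byte big-endian exponent length, then the exponent, then the modulus.
    """
    if not key:
        raise ValueError("empty RSA public key")
    elen, off = key[0], 1
    if elen == 0:
        if len(key) < 3:
            raise ValueError("truncated RSA exponent length")
        elen, off = struct.unpack("!H", key[1:3])[0], 3
    if elen == 0 or len(key) < off + elen + 1:
        raise ValueError("truncated RSA public key")
    exponent = int.from_bytes(key[off:off + elen], "big")
    modulus = int.from_bytes(key[off + elen:], "big")
    return exponent, modulus


def encode_rsa_public_key(exponent: int, modulus: int) -> bytes:
    """Inverse of parse_rsa_public_key; used here to build the sample records."""
    e = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    n = modulus.to_bytes((modulus.bit_length() + 7) // 8, "big")
    header = bytes([len(e)]) if len(e) < 256 else b"\x00" + struct.pack("!H", len(e))
    return header + e + n


def audit_dnskey(rdata: str, max_exponent_bits: int = MAX_RSA_EXPONENT_BITS) -> list[str]:
    """Audit one DNSKEY in presentation form ("flags protocol algorithm base64...").

    Returns a list of findings; an empty list means nothing to report.
    """
    _flags, _protocol, algorithm, *key_fields = rdata.split()
    algorithm = int(algorithm)
    key = base64.b64decode("".join(key_fields))
    findings = []
    if algorithm in SHA1_ALGORITHMS:
        findings.append(f"algorithm {algorithm} is RSA/SHA-1, which "
                        "draft-ietf-dnsop-must-not-sha1 deprecates")
    if algorithm in RSA_ALGORITHMS:
        exponent, _modulus = parse_rsa_public_key(key)
        bits = exponent.bit_length()
        if bits > max_exponent_bits:
            findings.append(f"RSA public exponent is {bits} bits, above the "
                            f"{max_exponent_bits}-bit limit")
    return findings


# Constructed sample modulus: 2048 bits, odd, NOT a real key.
SAMPLE_MODULUS = (1 << 2047) | 0x10001


def sample_dnskey(algorithm: int, exponent: int) -> str:
    """Build a constructed KSK (flags 257) presentation record for the audit."""
    key_b64 = base64.b64encode(encode_rsa_public_key(exponent, SAMPLE_MODULUS)).decode()
    return f"257 3 {algorithm} {key_b64}"


if __name__ == "__main__":
    for label, record in [
        ("RSASHA256, e=65537 (17 bits)", sample_dnskey(RSASHA256, 65537)),
        ("RSASHA1, e=65537", sample_dnskey(RSASHA1, 65537)),
        ("RSASHA256, 257-bit e", sample_dnskey(RSASHA256, (1 << 256) | 1)),
    ]:
        print(label, "->", audit_dnskey(record) or "ok")
```

The exponent check uses bit length rather than byte count so that a 256-bit exponent with a leading zero byte is still accepted, matching the way the limit is stated in bits; the two-byte length form of the RFC 3110 header is exercised by the 2048-bit exponent case, which is exactly the kind of input the new limit rejects early instead of handing to the RSA verifier.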

Other changes were made to the tree that are not ready for public release.

Some more development releases will be made from this branch until Loop 2.0 is ready to be branched. You can read about Loop branches and version numbering.
