Log message:
Added MESSAGE with a pointer to documentation.

Log message:
Fix so the example conf files are installed

Log message:
Fixed dependency for dnsruby according to 1.0.0b3:
* The auditor (dnsruby) supports RSA/SHA256 and RSA/SHA512

Log message:
OpenDNSSEC 1.0.0b4 - 2009-10-23

* Default TTL in case of $TTL or explicit RR TTL becomes the SOA Minimum value (
was 3600).
* The signer engine will check if another engine is already running before start
ing.
* Startup scripts for Solaris (SMF).
* Auditor gives an error if key moves to "in use" without sufficient \ 
"prepublish
ed" time.

Bugfixes:
* Trailing spaces are not part of the domain name/ include file/ ttl in directiv
es.
* nsec3er: Print final RRset, even if no NSEC3 was needed at that RRset.
* Proper privileges dropping when creating the command socket
* Signer sometimes didn't terminate if socket shutdown failed.

Known issues:
* The Signer Engine fails with broken pipes sometimes.

Log message:
OpenDNSSEC 1.0.0b3 - 2009-10-16

* The auditor now tracks the SOA serial over time
* The auditor (dnsruby) supports RSA/SHA256 and RSA/SHA512

Bugfixes:
* The LDNS bug that affected SRV records has been fixed in ldns-trunk.
* Bugreport #41: Fix for SOA serial 'keep'.
* Allow for SOA Serial/TTL/Minimum values of zero.
* Correct socket binding of NotifyListen.
* Systems with older SQLite had problem rolling keys on a policy.
* Auditor now handles SSHFP and NAPTR records correctly (but needs Dnsruby 1.39)
* Auditor now handles TTLs in zone file with suffix s, m, h, d, and w.

Log message:
Removed etc/* files from PLIST

Log message:
OpenDNSSEC 1.0.0b2 - 2009-10-09

* Added experimental support for RSA/SHA256 and RSA/SHA512 to KASP enforcer
  and the signer engine.
* SignerThreads and KeygenInterval has been deprecated (actually removed
  just before 1.0.0b1).
* Added support for RSA/SHA256 and RSA/SHA512 to libhsm. No API changes.

Bugfixes:
* Bugreport #33 (#35): Output a signed zone if only the SOA record changed. 
* Zone fetcher did not start correctly
* Create the pid / socket directory if it not yet exists, with the correct
  privileges.
* Signer Engine now catches exception if running with incorrect permission.
* TCP-support for LDNS on Solaris is fixed in LDNS trunk.

Known issues:
* LDNS is having problem with SRV records. The main effect is that these
  records are given non-valid RRSIGs. This is still under investigation.

Log message:
Fixed PLIST according to 1.0.0b1 renaming of binaries

Log message:
Fixed build dependency for platforms with native java support.
eg. MacOSX

Log message:
* kasp_check command added to check the conf.xml and kasp.xml
  configuration files for sanity and consistency
* communicated and keygend combined to form "enforcerd" (although this
  name will change).
* ksmutil command line changes. Most commands have changed slightly, some
  have changed lots.
  See http://svn.opendnssec.org/docs/command-tools-syntax.txt .
* enforcer database now has a version number. If it differs from a #define
  in the code then the software will not connect to the database.
* "ksmutil list keys" now displays the keytag if the -l flag is passed \ 
to it.
* "Emergency Keys" renamed to "Standby Keys" as this better \ 
reflects their
   role as we use them.
* The behaviour of SOA Serial value 'counter' changed according to Ticket #31.
* changes to the KASP DB, please apply:
  If want to use your old database, use the following commands to upgrade:
    sqlite3 <PATH_TO_ENFORCER.DB> < enforcer/utils/migrate_090922_1.sqlite3
    sqlite3 <PATH_TO_ENFORCER.DB> < enforcer/utils/migrate_090930_1.sqlite3
  Or start fresh (with loss of information. User should remove old keys
  from the HSM):
    ksmutil setup
* move xml/ to conf/ (part of repository clean)

Bugfixes:
* Make sure that parenthesis in zonefiles don't concatenate rdata fields.

Known issues:
* TCP-support for LDNS on Solaris is currently broken due to an issue with
  SO_RCVTIMEO. The result is that the zonefetcher doesn't work. No other parts
  of OpenDNSSEC is affected by this bug. There is currently no workaround.