Log message:
OpenDNSSEC 1.2.0rc2:

Bugfixes:
* Signer Engine: Use the correct TTL for RRs after the $INCLUDE directive.
* Signer Engine: Also create new signature if TTL of RR has changed.
* Signer Engine: Drop old NSEC/NSEC3 records.
* ods-ksmutil: Fixed some memory leaks.

Log message:
OpenDNSSEC 1.2.0rc1:

* New commandline option for the signer: ods-signer running.
* Allow connection to different MySQL ports in the Enforcer.
* Tone down and explain warning when converting M or Y to seconds
* ldns 1.6.7 is required for bugfixes
* dnsruby 1.51 is required for bugfixes

Migration:
* There is a kasp schema change from the 1.1 branch (or trunk if you built
  prior to r3823). To make this transition you have 2 options:

  1) Run ods-ksmutil setup again. This will remove _all_ the current
  information from the kasp database and start you off again with a fresh
  environment.
  
  If that is not an option, or you want to try something else then:
  
  2) run one of the migration scripts
        enforcer/utils/migrate_keyshare_mysql.pl
  or
        enforcer/utils/migrate_keyshare_sqlite3.pl
  depending on your database.

  NOTE: Although these scripts have been tested it is recommended to make a
        backup of your database prior to running them.

Bugfixes:
* Bugreport #187: ods-control signer start will return non-zero if start up 
  failed (uses ods-signer running).
* Narrow glue at the zone cut is allowed, do not consider it as occluded.
* Move zone fetcher output to correct input adapter file.
* Enforcer shared keys on zones with ShareKeys disabled.
* Make names of key states consistent.
* Signer Engine file descriptor leak fix on engine.sock.
* Set explicit "unlimited" repository capacity to prevent random \ 
integer being 
  read. Requires "ods-ksmutil update conf" to be run if using an existing 
  database.
* Fix issue with key generation creating too many keys Ticket #194.
* Bugreport #189: Auditor did not handle white-space-seperated substrings
  for base64 text
* Bugreport #190: Auditor (and signer) does not handle case correctly
* Signer now silence stdout-output from the notify command

Log message:
OpenDNSSEC 1.1.0rc3:

* Could not compile quicksorter on FreeBSD
* Bugreport #131: test suite fails in 1.1.0rc2
* Auditor complained about missing RRs in some cases

Log message:
OpenDNSSEC 1.1:

* Performance improvements for large zones
* Clarification to the KSK rollover process
* Partial auditing of large zones
* Improved registrar support (EPP client plugin)

Log message:
removed, committed to pkgsrc

Log message:
Corrected paths to ruby-dnsruby and softhsm

Log message:
"Polished" for pkgsrc

Log message:
OpenDNSSEC 1.0.0 - 2010-02-09

* Fixed broken path in ods-control

Log message:
OpenDNSSEC 1.0.0rc4 - 2010-02-02

* Added manual pages for ods-auditor(1), ods-control(8), ods-enforcerd(8),
  ods-signerd(8), ods-signer(8), ods-hsmpseed(1), ods-hsmutil(1), 
  ods-kaspcheck(1), ods-ksmutil(1), ods-timing(5), opendnssec(7).
* Move ods-control & ods-signer from PREFIX/bin to PREFIX/sbin.
* Dnsruby-1.43 is now required

Log message:
OpenDNSSEC 1.0.0rc3 - 2010-01-25

* A code review was performed by members of the project group. No serious 
  problem was found. The code review resulted in some polishing of the code.
* Dnsruby-1.42 is now required, it fixes issues with TXT and NAPTR record
  parsing.
* ldns 1.6.4 is now required.
* Known issues has been moved from NEWS to KNOWN_ISSUES.

Bugfixes:
* ods-ksmutil: The ksk-roll command did not handle its options correctly
* Auditor: Configured zone SOA TTL now used to track pre-published keys,
  rather than the unsigned zone SOA TTL.
* Enforcer: There was a flaw in the implementation of the timing code (it 
  follows an earlier version of the draft and at one point does not add on 
  the safety margin).
* Enforcer: MySQL memory leaks fixed.
* Signer Engine: When changing policy or rollover a key, the old signed zone
  was not found,
  so always resulting in a fresh resign.
* Signer Engine: RRsets with varying TTLs on the records where considered
  different RRsets, the signer engine now eqaulizes those TTLs.