Slash
This bug-fix release ensures that XML files used in the set up of a CA, which were generated by pre 0.10.0 Krill versions can be used. See issue #922
Other than that this release introduces no changes compared to Krill 0.10.0 'Hush'. For convenience will repeat the release notes here. The Krill 0.10.x series introduces the following major features:
- BGPSec Router Certificate Signing
- Support the use of Hardware Security Modules (HSMs) for key operations
The documentation has more information:
| Subject | Section |
|---|---|
| API changes | https://krill.docs.nlnetlabs.nl/en/stable/upgrade.html#v0-10-0 |
| BGPSec | https://krill.docs.nlnetlabs.nl/en/stable/cli.html#krillc-bgpsec |
| HSM support | https://krill.docs.nlnetlabs.nl/en/stable/hsm.html |
Besides these major features we added a number of small improvements and bug fixes:
- CRL revocation dates in the future #788
- Prevent that two krill instances modify the same data #829
- Let user force RRDP session reset on restore #828
- Various code improvements aimed at maintainability
- Using a jitter of 0 results in a panic #859
- Security fixes in KMIP dependencies #860 (HSM support)
- Add SSLKEYLOGFILE support #615
- Allow explicit disabling of HTTPS #913
The full list of changes can be found here:
https://github.com/NLnetLabs/krill/projects/19