[Pki-devel] Announcing Dogtag 10.0.1 for pki-core and dogtag-pki

Fri Jan 18 03:23:12 UTC 2013

The Dogtag team is proud to announce the first errata build for 
Dogtag v10.0.0. 

The only packages that are being modified are dogtag-pki and pki-core,
both of which are being released as version 10.0.1.

A build is available for Fedora 18 in the updates-testing repo.  Please
try it out and provide karma to move it to the F18 stable repo.

Daily developer builds for Fedora 17 and 18 are available at
http://nkinder.fedorapeople.org/dogtag-devel/fedora/

== Build Versions ==
pki-core-10.0.1-1.fc18
pki-ra-10.0.0-1.fc18
pki-tps-10.0.0-1.fc18
dogtag-pki-10.0.1-1.fc18
dogtag-pki-theme-10.0.0-1.fc18
pki-console-10.0.0-1.fc18

== Highlights since Dogtag v. 10.0.0 ==
* Nonces have been added to the RESTful interface for certificate
revocation to preventing cross site scripting attacks on that interface.

* A new servlet has been added to the RESTful interface to add and
remove KRA connector configuration from a CA.  This is used to clean up
a CA when a KRA is destroyed.

* The default validity of the CA signing cert has been lengthened from 8
to 20 years.

* pkispawn has been modified to allow the user to specify the location
of the generated admin cert PKCS#12 file.

* OCSP now supports ECC CRLs.

* A more robust use of interpolation has been added to pkispawn.

* pkidaemon has been repaired to display the runtime status of PKI
Java-based instances

* A third-party license file has been added for Dogtag 10's use of
JQuery and the JQuery.i18n.properties plug-in

== Detailed Changes since Dogtag v. 10.0.0 ==
alee (12):
- TRAC Ticket 367 - pkidestroy does not remove connector
- Fix spec file to allow f17 to work with latest tomcatjss
- TRAC Ticket 466 - Increase root CA validity to 20 years
- TRAC Ticket 437 - Make admin cert p12 file location configurable
- TRAC Ticket 393 - pkispawn fails when selinux is disabled
- Punctuation and formatting changes in man pages
- TRAC Ticket 436 - Interpolation for pki_subsystem
- TRAC Ticket 433 - Interpolation for paths
- TRAC Ticket 435 - Identical instance id and instance name
- TRAC Ticket 406 - Replace file dependencies with package dependencies
- Revert to using default config file for pkidestroy
- Hardcode setting of resteasy-lib for instance

cfu (1):
- Bugzilla Bug 839426 - [RFE] ECC CRL support for OCSP

edewata (3):
- TRAC Ticket 214 - Missing error description for duplicate user
- TRAC Ticket 213 - Add nonces for cert revocation
- TRAC Ticket 191 - Mapping HTTP Exceptions to HTTP error codes

mharmsen (4):
- TRAC Ticket #430 - License for 3rd party code
- TRAC Ticket 469 - Fix tomcatjss issue in spec files
- TRAC Ticket 468 - pkispawn throws exception
- TRAC Ticket 271 - Dogtag 10: Fix 'status' command in 'pkidaemon'