From nobody Tue Dec 28 13:55:28 2021 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 56A121905CD6 for ; Tue, 28 Dec 2021 13:55:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JNbds0y9nz4XQ4 for ; Tue, 28 Dec 2021 13:55:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F176212D07 for ; Tue, 28 Dec 2021 13:55:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 1BSDtScI037633 for ; Tue, 28 Dec 2021 13:55:28 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 1BSDtSEm037632 for ports-bugs@FreeBSD.org; Tue, 28 Dec 2021 13:55:28 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 260756] net/krill: Update to version 0.9.4 Date: Tue, 28 Dec 2021 13:55:28 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: jaap@NLnetLabs.nl X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform bug_file_loc op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1640699729; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HGOw16ftWPV86goij+E/phKtb9PfzkahaQV4XGo3ZbY=; b=xeD3p3Omdd4ymR8ORPHCBng6nQ+fVrJs3anJA7BRt8k+ZjOjVt0chdP+hSw6iQ6om+uyde yvYgbYlK2lv4GTc+IjXEMSEUouC432SsMtpc9BhkC4gsoBlBKXrlK1pqnGPb+YVssvv6OE tYf8rDqS0Jbq+NfnqUHpMn227iFkIiVgZy8qYj/AaSQ/MRxGVN8PbgDBWvhKPNe9PLwFuv V/bRSaXDbMKMHM1i5KdnCB2UdmOVpP1MQg4yU5h7AfZ7NlKWt09FRLGuwij3CqXH6r5CrT MM/I9FSROKLW4KuD9QNzYWDkLuhoOF5cAiL61l4h7Vi7FsjydEIXgQyvKaFYdw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1640699729; a=rsa-sha256; cv=none; b=pk5/lUaUCxN/TKSd1wI4gmnD35TAHBaxFU9sCKrKSKdNCASTBpLmdsp93tFJYXaI43ag9O XZC/HnA0lwhhcM1uu/7Y7f7jpCRXJZ/53wsp/RfgdWwWi60D1OW8SYL4R1mj9nzrQTJIHK J3CxAxgiwpbKH0++Bdhujqh/21pJqv/TiRTJx2LLF6jdYkKLFvpoentWR/WZPPQPv7Efyy PKbuWdrPnr82ki7KdvM/BXmJPtrAaipW2J5tXPddzCx/OPpYNN/BpYIU9hhfE7jWqMfByP 2MjS4tsrVuaslPOg9h7K2kqf7dV9i05uGqY5iRWXpG2KDlbw77sAVmVaqO2GCA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D260756 Bug ID: 260756 Summary: net/krill: Update to version 0.9.4 Product: Ports & Packages Version: Latest Hardware: Any URL: https://github.com/NLnetLabs/krill/releases OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: jaap@NLnetLabs.nl Attachment #230493 maintainer-approval+ Flags: Created attachment 230493 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D230493&action= =3Dedit patch to upgrade Release v0.9.4 - One shall be the number thou shalt count from This release fixes the following issues: - RRDP serial should start from 1, not 0 (#741) - Allow configuring RFC6492/8181 client timeouts (#743) The first addresses a non-critical bug found when running Krill as a Publication Server present in all Krill versions before this release. The second addresses an issue seen in Krill 0.7.3 running with 100s of CAs in a single Krill instance - such timeouts have not been seen in Krill 0.9.x - but it does not hurt to give operators control over this configuration. If you are using Krill for RPKI CA functions only, and you have already upgraded to version 0.9.3 then there is no immediate need to upgrade to this version. If you are running a version from before 0.9.3, then you are still advised to upgrade to this version for the reasons list under version 0.9.3. Notes for update to release 0.9.3 -- Thundering Herd This release adds a (configurable) extra random 'jitter' time between 0 and 240 minutes, by default, for scheduled re-issuing of manifest and CRLs. The reason for this change is that with many Krill CAs publishing at a Publication Server every 10 minutes we frequently see that many CAs re-publish at exactly the same time of day. With this change this load should be spread out. Note that this does not affect publishing changes to content, such as ROAs. Such changes are still published immediately. This release adds the following features and fixes: - Prevent a thundering herd of hosted CAs publishing at the same time (#436) - Re-issue ROAs to ensure that short EE subject names are used (#700) - Handle rate limits when updating parents (#680) - Support experimental ASPA objects through CLI (#685) - Re-issue ASPA objects on when a key roll is performed (#717) - Use the official OIDs for ASPA objects, now they have been assigned (#719) Note that ASPA objects are not intended for use in production environments just yet. We have added experimental support for this to support the development of the ASPA standards in the IETF. Information on how to use Krill to manage ASPA objects can be found [here](https://krill.docs.nlnetlabs.nl/en/prototype-aspa-support/manage-asp= as.html). --=20 You are receiving this mail because: You are the assignee for the bug.=