The following summary lists release notes for all NPKD versions.

For detailed information on features and improvements implemented in recent releases, see the NPKD Release Notes

NPKD 1.5

DECEMBER 2018

This release is mainly an upgrade of the underlying platform. No user-visible changes have been made, except for minor bug fixes.

Upgrade Information

When upgrading to this version, you need to create the tables RoleData and RoleMember data using the SQL file below. These tables serve as the replacement for AccessRulesData, AdminEntityData, and dminGroupData. The user roles configuration is automatically migrated to the new tables.

The old tables are left untouched, in case you would need to roll back to 1.4 or older.

Upgrade script: doc/sql-scripts/upgrade-1.2-to-1.5.sql

Major new features and improvements

  • Upgrade of CESeCore to 6.13
  • Updated authorization system to use CESeCore 6.13 (database change!)
  • CSCA certificates without Authority Key Identifier can be imported
  • Minor improvements and bug fixes

NPKD 1.4

AUGUST 2018

Major new features and improvements

  • Encryption of the database backup file
  • More efficient revocation checks
  • Workflow for recovering after all superadministrator certificates are expired
  • Upgrade of CESeCore to 6.7
  • Support for WildFly 10 and 11
  • Minor improvements and bug fixes

NPKD 1.3.1

DECEMBER 2017

Major new features and improvements

  • Separating creation of maintenance report and database backup and moving them as tasks under the PKD scheduler
  • Adding NPKD manual containing installation, administration, and operation instructions
  • Bug fixes

NPKD 1.3

SEPTEMBER 2017

Major new features and improvements

  • Management of Registry contact information
  • Support for multiple local LDAPs
  • Check of revocation status of certificates upon import
  • List content of CRLs
  • Easy management and scheduling of full backup and restore of the database
  • Monitoring of disk space
  • Improved documentation
  • Many important fixes and refactorizations to improve the current state of code

NPKD 1.2

MAY 2017

Major new features and improvements

  • Successful testing all NPKD features against ICAO Preproduction PKD
  • Full automation of all NPKD operations with detailed audit log
  • HSM support for TLS client authentication 
  • Deviation List support
  • Search NPKD object page rewritten and significantly improved
  • NPKD user roles and user authorization refactored and improved
  • Local LDAP servers synchronization check with self-repair against NPKD
  • Many important fixes and refactorizations to improve the current state of code

NPKD 1.1

DECEMBER 2016

Major new features and improvements

  • Adjusting to the new ICAO LDAP specification changes
  • Complete automated development environment with included sample ICAO LDAP server 
  • Support for importing NPKD objects directly from ldif files
  • Enhanced auditing experience
  • Detecting out of sync errors between NPKD and Local LDAP with few possibilities to fix them
  • Improved configuration options to enhance user control over NPKD operations
  • Many important fixes and refactorizations to improve the current state of code

NPKD 1.0

OCTOBER 2015

The PrimeKey NPKD solution is a server application with a GUI interface that can connect to ICAO PKD and upload, download or store all Passive Authentication security data (certificates, master lists, and CRLs). Additionally, all security data can be inspected in detail and checked against ICAO standards. Security data may be stored in a protected database and/or published to an NPKD LDAP server either automatically or after user confirmation.

Major features

  • Downloading Master Lists from a specific country
  • Extracting Master Lists and inspecting their certificates
  • Running ICAO checks on Master List CSCA certificates
  • Storing Master Lists in databases for later use
  • Publishing CSCA certificates to an NPKD LDAP server
  • Downloading all Master Lists from ICAO PKD
  • Downloading all DS certificates and CRLs from ICAO PKD
  • Uploading Master Lists to ICAO PKD
  • Finding the CSCA that has signed DS certificates
  • Finding Master Lists that contain CSCA certificates
  • Auditing all access control and integrity-change logs