With this commit, Florian Obser (florian@) enabled DNSSEC validation in the default unbound.conf(5) in -current:

CVSROOT:	/cvs
Module name:	src
Changes by:	florian@cvs.openbsd.org	2018/12/07 02:21:08

Modified files:
	etc            : unbound.conf 

Log message:
Enable DNSSEC validation.
Requested by & OK claudio
Input & OK sthen
OK job, solene
Various commenting that they run with validation since a long time
without issues.

There's also a related entry in the "Following -current and using snapshots" FAQ.

Update: The change has been reverted:

CVSROOT:	/cvs
Module name:	src
Changes by:	florian@cvs.openbsd.org	2018/12/11 12:16:36

Modified files:
	etc            : unbound.conf 

Log message:
the world is not ready for dnssec enabled by default

Gilles Chehade (gilles@) has written another piece on progress in OpenSMTPD development. -current now has proc filters!

Otto Moerbeek (otto@) has issued a series of Mastodon messages explaining some of the the virtues of OpenBSD's malloc(3) implementation. They provide excellent reading in easily-digestible pieces.

Job Snijders (job@) has written an article at Medium proposing rpki-client(1), a new, BSD-licensed RPKI validator.

[ TL;DR—$1000 out of $20,000 USD has been pledged! ]

As always, readers are encouraged to contribute!

Update: As noted in the first comment here, the article has been updated (already!) with good news -

[ TL;DR—DONE! We reached the $20,000 fundraiser goal! Thank you NetNod, IIS.SE, SUNET & 6connect for supporting this effort! ]

Claudio Jeker (claudio@) wrote in to let us know that he and Job Snijders (job@) have written an article about OpenBGPD for RIPE Labs.

There has been a lot of activity from my side going to OpenBGPD. Thanks to some funding by RIPE NCC and many European internet exchange points I was able to work full time on OpenBGPD for the last 6 month. The article covers why and what was done until now.

[Also worthy of note are Claudio's slides from the recent DENOG10.]

Right on the heels of the previous announcement, Kenneth R. Westerback (krw@) of the OpenBSD Foundation writes to inform us:

The OpenBSD Foundation is happy to announce that individual contributions from the OpenBSD commnunity have again exceeded $100,000, making the community the 2nd Iridium level donor for 2018!

These smaller regular contributions are the backbone of longer term spending planning. The Foundation would like to thank all the individuals who made and continue to make regular monthly contributions.

We'd like to thank Ken for sharing this piece of good news, and join him in thanking the larger community for their donations. If you haven't already (or want to add a donation), you can visit the donations page of the Foundation to make a contribution too.

On his blog, joshua stein (jcs@) has a description of the hoops he jumped through to get stereo sound out of his Huawei Matebook X under OpenBSD (something that only worked under Windows with special drivers).

His approach involves logging all PCI device accesses by running Windows in QEMU under Linux with VFIO, parsing that, and making the OpenBSD azalia(4) driver do the same.

Thanks to joshua for the interesting write-up!

Kenneth R. Westerback (krw@) writes to inform us:

Microsoft goes Gold for 2018!

The OpenBSD Foundation is happy to announce that Microsoft has increased its support level from Silver to Gold for 2018.

This is the fourth consecutive year that Microsoft has made a contribution to the OpenBSD Foundation and we are grateful for their continuing support.

Thank you, Ken for sharing the good news about the OpenBSD Foundation with the community.

In this commit, Otto Moerbeek (otto@) moved malloc handling from a softlink in /etc to a sysctl instead.