libunbound-dev package on Ubuntu 20 does not validate ed25519/ed448

Asked by Matthew Zipkin


Ubuntu 20 ("focal") comes with OpenSSL version 1.1.1 and has available libunbound-dev version 1.9.4

OpenSSL version 1.1.1 provides support for ed25519 and ed448

However, I am an unable to validate these DNSSEC algorithms with this configuration.

Unbound should support those algorithms if it is built on a system where OpenSSL supports those algortihms: (unbound release notes) (related issue).

This makes me wonder if the Ubuntu package maintainer either accidentally or for-some-reason on purpose disabled those algorithms in the libunbound-dev package available for that version of Ubuntu?

I contribute to a nodejs package that binds to libunbound-dev and I noticed this issue testing on Ubuntu 20 both locally and on Github Actions where 20 is the latest Ubuntu version available.

I was able to fix our CI tests by installing libunbound from source as part of the CI action and now our ed25519 and ed448 tests pass.


Question information

English Edit question
Ubuntu unbound Edit question
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Manfred Hampl (m-hampl) said :

There is no "Ubuntu 20".
The release named focal is Ubuntu 20.04, not to be confused with Ubuntu 20.10 (groovy).
see and

Revision history for this message
Bernard Stafford (bernard010) said (last edit ):

Can you help with this problem?

Provide an answer of your own, or ask Matthew Zipkin for more information if necessary.

To post a message you must log in.