Re: Add a minimal instance of named early in the boot

To: Tonnerre LOMBARD <tonnerre%netbsd.ch@localhost>
Subject: Re: Add a minimal instance of named early in the boot
From: "Jeremy C. Reed" <reed%reedmedia.net@localhost>
Date: Mon, 31 Aug 2009 09:32:08 -0500 (CDT)

On Wed, 12 Aug 2009, Tonnerre LOMBARD wrote:

> On Mon, Aug 10, 2009 at 10:20:46PM +0200, Joerg Sonnenberger wrote:
> > There is another alternative I just remembered. Adding support for
> > liblwres via nsswitch.conf.
> 
> That's not a bad idea; it would have to be verified beforehand though
> that liblwres/lwresd support DNSSEC. I get the impression though that
> the answer will be "yes".

Yes, but I haven't used it. The BIND 9 lightweight resolver library's 
lwres_getrrsetbyname(3) offers individual signatures and indication when 
the data has been DNSSEC validated and the signatures verified.

/usr/src/external/bsd/bind/dist/lib/lwres/man/lwres_getrrsetbyname.3

References:
- Add a minimal instance of named early in the boot
  - From: Alan Barrett
- Re: Add a minimal instance of named early in the boot
  - From: Joerg Sonnenberger
- Re: Add a minimal instance of named early in the boot
  - From: Alan Barrett
- Re: Add a minimal instance of named early in the boot
  - From: Joerg Sonnenberger
- Re: Add a minimal instance of named early in the boot
  - From: Tonnerre LOMBARD

Prev by Date: Re: Add a minimal instance of named early in the boot
Next by Date: Re: ipfilter ipv6 icmp woes
Previous by Thread: Re: Add a minimal instance of named early in the boot
Next by Thread: Re: Add a minimal instance of named early in the boot
Indexes:

Home | Main Index | Thread Index | Old Index