New configurations in /etc/resolv.conf
P J P
pj.pandit at yahoo.co.in
Sun Apr 13 19:23:54 UTC 2014
Hello,
Please see:
-> http://www.ietf.org/mail-archive/web/dane/current/msg06469.html
-> https://www.ietf.org/mail-archive/web/dane/current/msg06658.html
These two threads are about handling of Authenticated Data(AD) bit by the stub resolvers. There two proposed solutions for this problem:
1) To install a 'trusted' local resolver running on 127.0.0.1:53.
A system wide change request has been filed for this.
-> https://fedoraproject.org/wiki/Changes/Default_Local_DNS_Resolver
2) To strip the AD bit in stub resolvers by default. This requires new configuration
parameter(s) to be defined in '/etc/resolv.conf'.
This is required because, till the time 'trusted' local resolver becomes a norm, applications need some way to know whether the listed name servers in '/etc/resolv.conf' are trustworthy or not.
The discussion is open for ways to convey 'trustworthyness' of the listed name servers to the requesting applications and ways to enable/disable AD bit stripping in the stub resolver.
Your inputs/comments about syntax & semantics of the new configurations in '/etc/resolv.conf' are most welcome.
Thank you.
---
Regards
-Prasad
http://feedmug.com
More information about the devel
mailing list