New configurations in /etc/resolv.conf
P J P
pj.pandit at yahoo.co.in
Sun Apr 13 19:23:54 UTC 2014
These two threads are about handling of Authenticated Data(AD) bit by the stub resolvers. There two proposed solutions for this problem:
1) To install a 'trusted' local resolver running on 127.0.0.1:53.
A system wide change request has been filed for this.
2) To strip the AD bit in stub resolvers by default. This requires new configuration
parameter(s) to be defined in '/etc/resolv.conf'.
This is required because, till the time 'trusted' local resolver becomes a norm, applications need some way to know whether the listed name servers in '/etc/resolv.conf' are trustworthy or not.
The discussion is open for ways to convey 'trustworthyness' of the listed name servers to the requesting applications and ways to enable/disable AD bit stripping in the stub resolver.
Your inputs/comments about syntax & semantics of the new configurations in '/etc/resolv.conf' are most welcome.
More information about the devel