New configurations in /etc/resolv.conf

P J P pj.pandit at
Sun Apr 13 19:23:54 UTC 2014


Please see:

These two threads are about handling of Authenticated Data(AD) bit by the stub resolvers. There two proposed solutions for this problem:

 1) To install a 'trusted' local resolver running on
    A system wide change request has been filed for this.

 2) To strip the AD bit in stub resolvers by default. This requires new configuration
    parameter(s) to be defined in '/etc/resolv.conf'.

This is required because, till the time 'trusted' local resolver becomes a norm, applications need some way to know whether the listed name servers in '/etc/resolv.conf' are trustworthy or not.

The discussion is open for ways to convey 'trustworthyness' of the listed name servers to the requesting applications and ways to enable/disable AD bit stripping in the stub resolver.

Your inputs/comments about syntax & semantics of the new configurations in '/etc/resolv.conf' are most welcome.

Thank you.

More information about the devel mailing list