"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
+ SPDX-License-Identifier: LGPL-2.1+
+
This file is part of systemd.
Copyright 2016 Lennart Poettering
along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->
-<refentry id="dnssec-trust-anchors.d" conditional='ENABLE_RESOLVED'
+<refentry id="dnssec-trust-anchors.d" conditional='ENABLE_RESOLVE'
xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>dnssec-trust-anchors.d</title>
<refsect1>
<title>Negative Trust Anchors</title>
- <para>Negative trust anchors define domains where DNSSEC
- validation shall be turned off. Negative trust anchor files are
- found at the same location as positive trust anchor files, and
- follow the same overriding rules. They are text files with the
- <filename>.negative</filename> suffix. Empty lines and lines whose
- first character is <literal>;</literal> are ignored. Each line
- specifies one domain name where DNSSEC validation shall be
- disabled on.</para>
+ <para>Negative trust anchors define domains where DNSSEC validation shall be turned
+ off. Negative trust anchor files are found at the same location as positive trust anchor files,
+ and follow the same overriding rules. They are text files with the
+ <filename>.negative</filename> suffix. Empty lines and lines whose first character is
+ <literal>;</literal> are ignored. Each line specifies one domain name which is the root of a DNS
+ subtree where validation shall be disabled.</para>
<para>Negative trust anchors are useful to support private DNS
subtrees that are not referenced from the Internet DNS hierarchy,