From fe266c1104dded8580b4ff64f37c08a8fba4ac4c Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Wed, 27 Mar 2019 04:18:06 -0400 Subject: [PATCH] grammar: help parsers understand that denial-of-existence is a thing --- docs/dnssec/modes-of-operation.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/dnssec/modes-of-operation.rst b/docs/dnssec/modes-of-operation.rst index 487784d93c..b1c6472199 100644 --- a/docs/dnssec/modes-of-operation.rst +++ b/docs/dnssec/modes-of-operation.rst @@ -55,7 +55,7 @@ records, lives with the DNSSEC keying material. (Hashed) Denial of Existence ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -PowerDNS supports unhashed secure denial of existence using NSEC +PowerDNS supports unhashed secure denial-of-existence using NSEC records. These are generated with the help of the (database) backend, which needs to be able to supply the 'previous' and 'next' records in canonical ordering. @@ -63,7 +63,7 @@ canonical ordering. The Generic SQL Backends have fields that allow them to supply these relative record names. -In addition, hashed secure denial of existence is supported using NSEC3 +In addition, hashed secure denial-of-existence is supported using NSEC3 records, in two modes, one with help from the database, the other with the help of some additional calculations. @@ -72,7 +72,7 @@ where the backend should be able to supply the previous and next domain names in hashed order. NSEC3 in 'narrow' mode uses additional hashing calculations to provide -hashed secure denial of existence 'on the fly', without further +hashed secure denial-of-existence 'on the fly', without further involving the database. .. _dnssec-signatures: -- 2.39.2