]> git.ipfire.org Git - people/ms/dnsmasq.git/commit - src/dnsmasq.h
projects / people / ms / dnsmasq.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 83349b8) | patch
Use DS records as trust anchors, not DNSKEYs.
authorSimon Kelley <simon@thekelleys.org.uk>
Tue, 11 Feb 2014 11:07:22 +0000 (11:07 +0000)
committerSimon Kelley <simon@thekelleys.org.uk>
Tue, 11 Feb 2014 11:07:22 +0000 (11:07 +0000)
commitee4158678a5c5281cbbf38cd8f36b98df6d1b159
treeffc21a5ff89491983ab00efcc2a511744552b260tree | snapshot
parent83349b8aa4f8667f611918b9189446b0e93fc2bbcommit | diff
Use DS records as trust anchors, not DNSKEYs.

This allows us to query for the root zone DNSKEY RRset and validate
it, thus automatically handling KSK rollover.
man/dnsmasq.8 diff | blob | blame | history
src/cache.c diff | blob | blame | history
src/dnsmasq.c diff | blob | blame | history
src/dnsmasq.h diff | blob | blame | history
src/option.c diff | blob | blame | history
src/rfc1035.c diff | blob | blame | history
src/util.c diff | blob | blame | history
trust-anchors.conf diff | blob | blame | history
Michael's tree of dnsmasq.