]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c46f568) | patch
Include in manual what DNSSEC=no means in detail
authorPetr Menšík <pemensik@redhat.com>
Sat, 15 Jul 2023 02:11:25 +0000 (04:11 +0200)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Tue, 18 Jul 2023 15:28:32 +0000 (17:28 +0200)
commit96d384ca4fdf472df5f1946f0d148cac3a5409ca
tree490e728099fe343c3829877a289253da048d2a6btree | snapshot
parentc46f5680ca8d911c5e83c90b73f830f4f4609686commit | diff
Include in manual what DNSSEC=no means in detail

https://www.rfc-editor.org/rfc/rfc4035.html#section-3.2.1 says
security-aware recursive name server MUST set DO bit when sending
requests. systemd-resolved does not do that by design. State it more
clearly in manual page. Unlike other implementations it disables not
only validation as it stated, but complete DNSSEC awareness.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
man/resolved.conf.xml diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.