git.ipfire.org Git - thirdparty/pdns.git/commit

author	Gert van Dijk <gertvdijk@gmail.com>
	Tue, 2 Apr 2019 09:09:19 +0000 (11:09 +0200)
committer	Gert van Dijk <gertvdijk@gmail.com>
	Mon, 8 Apr 2019 10:19:23 +0000 (12:19 +0200)
commit	f02f619d59fba8e2275c96a3e3cb4a108d028bff
tree	a8187696a6363c871e14b3859283b416ccb641a9	tree
parent	5957060b735db798542eb710baa634fa3aff2e9b	commit \| diff

docs: update pdnsutil 'set-nsec3' and NSEC3 narrow mode

* The 4-parameter quoted string argument in "pdnsutil set-nsec3" appears to
  have a default value of "1 0 1 ab" according to the sources:
  https://github.com/PowerDNS/pdns/blob/e62422ce0e86cfe959073ef061f07873ceff6be8/pdns/pdnsutil.cc#L2459
  introduced with b8adb30dff5fc18b55e27580c07799d8fae1bafb (in 3.3+)
* The example command included smart quotes, which don't really work when
  copy-pasted to a shell - changed to monospaced formatting.
* Include note about online signing requirement for "White Lies" / narrow
  mode support and that zone transfers are denied in this mode.
* Mention RFC about "White Lies".
* Mention defaults on 'DNSSEC Modes of Operation'.
* Mention possible limits of ITERATIONS via 'max-nsec3-iterations'.

docs/dnssec/modes-of-operation.rst		diff \| blob \| blame \| history
docs/dnssec/operational.rst		diff \| blob \| blame \| history
docs/manpages/pdnsutil.1.rst		diff \| blob \| blame \| history
docs/settings.rst		diff \| blob \| blame \| history