To:
Jakob Schlyter <jakob@crt.se>
Cc:
dnssec@cafax.se
From:
Miek Gieben <miekg@atoom.net>
Date:
Thu, 19 Dec 2002 13:14:35 +0100
Content-Disposition:
inline
In-Reply-To:
<Pine.BSO.4.50.0212191033330.22276-100000@fonbella.crt.se>
Mail-Followup-To:
Jakob Schlyter <jakob@crt.se>, dnssec@cafax.se
Sender:
owner-dnssec@cafax.se
User-Agent:
Vim/Mutt/Linux
Subject:
Re: dnssec resolver
[On 19 Dec, @10:39, Jakob wrote in "Re: dnssec resolver ..."] > On Wed, 18 Dec 2002, Miek Gieben wrote: > > second, related, reason is that this makes the parsing of the file a lot > > simpler. > > I've just played around some with the code, it is really useful for > debugging. nice work! thanks, I'm glad to hear that it is already useful > I also agree with the decision to use ds records for trust and hope that > our friends at ISC will implement this in bind9 as well - it would be much > easier when configuring the resolvers. combined with a good > pseudo-language generator (such as bubblebabble used by ssh) out-of-band > verification is also easier. > > example: > > 9d58f48fe8675d9b52021daa47cd2a35 > ... becomes ... > xoced-kyvak-fydul-rorer-robat-lyhav-meran-socok-laram-robog-coxux never heard of that stuff, but that _is_ really handy. From the rest of the thread I gather that it is already in Net::DNS::SEC :) grtz Miek