Subject: Re: have there been any "recent" resolver fixes?
To: NetBSD-current Discussion List <current-users@netbsd.org>
From: Andrew Brown <atatat@atatdot.net>
List: current-users
Date: 05/26/2000 10:09:02
>> okay, but i seem to recall some discussion about dnssec processing
>> being offloading to something like nscd so that applications could
>> have the benefits of dnssec without incurring the overhead of having
>> to do the actual cryptographic processing.
>
>If nsdc (and/or doors) ever makes it off Solaris I'll puke all over the
>guy who does the port/rewrite.....
um...okay. i don't like nscd that much, but what do you have against
doors? or do you simply not like things you know nothing about?
>I.e. I think you're confusing bind-9 with something else entirely.
i don't think so.
>There is a light-weight resolver daemon in bind-9 to run on hosts that
>don't need the full nameserver (i.e. that have no local zones and IIRC
>it doesn't even have a cache). Perhaps you're thinking of that?
it might be, but i thought that (a) it had a cache, and (b) it had
nothing to do with a host having no local zones, but rather to do with
off-loading the heavy cryptographic burden of dnssec to something else
(ie, so that it wasn't in the resolver library).
--
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org * "ah! i see you have the internet
twofsonet@graffiti.com (Andrew Brown) that goes *ping*!"
andrew@crossbar.com * "information is power -- share the wealth."