Subject: Re: have there been any "recent" resolver fixes?
To: NetBSD-current Discussion List <firstname.lastname@example.org>
From: Andrew Brown <email@example.com>
Date: 05/26/2000 10:09:02
>> okay, but i seem to recall some discussion about dnssec processing
>> being offloading to something like nscd so that applications could
>> have the benefits of dnssec without incurring the overhead of having
>> to do the actual cryptographic processing.
>If nsdc (and/or doors) ever makes it off Solaris I'll puke all over the
>guy who does the port/rewrite.....
um...okay. i don't like nscd that much, but what do you have against
doors? or do you simply not like things you know nothing about?
>I.e. I think you're confusing bind-9 with something else entirely.
i don't think so.
>There is a light-weight resolver daemon in bind-9 to run on hosts that
>don't need the full nameserver (i.e. that have no local zones and IIRC
>it doesn't even have a cache). Perhaps you're thinking of that?
it might be, but i thought that (a) it had a cache, and (b) it had
nothing to do with a host having no local zones, but rather to do with
off-loading the heavy cryptographic burden of dnssec to something else
(ie, so that it wasn't in the resolver library).
|-----< "CODE WARRIOR" >-----|
firstname.lastname@example.org * "ah! i see you have the internet
email@example.com (Andrew Brown) that goes *ping*!"
firstname.lastname@example.org * "information is power -- share the wealth."