Subject: Re: have there been any "recent" resolver fixes?
To: NetBSD-current Discussion List <>
From: Andrew Brown <>
List: current-users
Date: 05/26/2000 10:09:02
>> okay, but i seem to recall some discussion about dnssec processing
>> being offloading to something like nscd so that applications could
>> have the benefits of dnssec without incurring the overhead of having
>> to do the actual cryptographic processing.
>If nsdc (and/or doors) ever makes it off Solaris I'll puke all over the
>guy who does the port/rewrite.....

um...okay.  i don't like nscd that much, but what do you have against
doors?  or do you simply not like things you know nothing about?

>I.e. I think you're confusing bind-9 with something else entirely.

i don't think so.

>There is a light-weight resolver daemon in bind-9 to run on hosts that
>don't need the full nameserver (i.e. that have no local zones and IIRC
>it doesn't even have a cache).  Perhaps you're thinking of that?

it might be, but i thought that (a) it had a cache, and (b) it had
nothing to do with a host having no local zones, but rather to do with
off-loading the heavy cryptographic burden of dnssec to something else
(ie, so that it wasn't in the resolver library).

|-----< "CODE WARRIOR" >-----|             * "ah!  i see you have the internet (Andrew Brown)                that goes *ping*!"       * "information is power -- share the wealth."