DNSSEC and SSL

Wes Hardaker wjhns61 at hardakers.net
Mon Aug 23 09:31:36 CDT 2010


>>>>> On Sun, 22 Aug 2010 21:57:27 +0200, Mans Nilsson <mansaxel at besserwisser.org> said:

MN> The best option today is to run a full-service resolver on the host;

The DNSSEC-Tools project has instrumented a large number of applications
with an in-application validating resolver.  Including OpenSSH (with a
new auto-accept-keys option!), sendmail, postfix, libspf, thunderbird,
lftp, wget, ncftp, ...
-- 
Wes Hardaker                                     
My Pictures:  http://capturedonearth.com/
My Thoughts:  http://pontifications.hardakers.net/




More information about the NANOG mailing list