"security-aware-resolver" virtual package (Was: Two new DNS virtual packages (authoritative-name-server & recursive-name-server))
since the authoritative-name-server idea was rejected by the list, I was
going to propose alternative:
The definition from RFC4033:
Security-Aware Resolver: An entity acting in the role of a resolver
(defined in section 2.4 of [RFC1034]) that understands the DNS
security extensions defined in this document set. In particular,
a security-aware resolver is an entity that sends DNS queries,
receives DNS responses, supports the EDNS0 ([RFC2671]) message
size extension and the DO bit ([RFC3225]), and is capable of using
the RR types and message header bits defined in this document set
to provide DNSSEC services.
Ondřej Surý <email@example.com>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
On Thu, Oct 24, 2013, at 1:51, James Cloos wrote:
> As a side note to this discussion, more interesting than a list of
> all resolvers would be a list of /verifying/ resolvers.
> An easy way to find all packaged verifying resolvers, to choose one
> for local installation would help many users.
> And an easy way to depend on a local verifier would help both devs
> packaging 'ware which wants verified dns lookups and those reading
> though package deps. (Where deps includes recommends and suggests.)
> And a local /verifier/ is generally a more important requirement
> than just a local resolver.
> James Cloos <firstname.lastname@example.org> OpenPGP: 1024D/ED7DAEA6
> To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> Archive: [🔎] email@example.com">http://lists.debian.org/[🔎] firstname.lastname@example.org