[getdns-users] First release candidate for getdns-1.2.0
Willem Toorop
willem at nlnetlabs.nl
Mon Sep 25 07:35:06 UTC 2017
Op 23-09-17 om 21:52 schreef A. Schulze:
>
>
> Am 22.09.2017 um 16:01 schrieb Willem Toorop:
>> Dear all,
>>
>> We have a first release candidate for the upcoming 1.2.0 feature release
>> of getdns.
>
> Hello Willem,
>
> what I noticed so far...
>
> * spelling-error in stubby/src/stubby.c: "extention" should be "extension"
>
> * stubby/stubby.yml.example
> - I suggest to reformat to avoid linebreaks on 80 char terminals
> - missing double-quotes in the inactive line
> #dnssec_trust_anchors: /etc/unbound/getdns-root.key
Thanks! Improvements committed to the release/v1.2.0 branch.
> * unbound uses /etc/unbound/root.key.
> Is there a reason getdns defaults to /etc/unbound/getdns-root.key?
Good question. For one, getdns interprets the trust anchor file as a
zone file and ignores all annotations; so it is handling the root key
somewhat different then unbound.
With Zero configuration DNSSEC we would prefer not to have a
dnssec_trust_anchor specified at all. I think we should replace this
line with one with which the location of the library specific data can
be set. I.e. something like:
# Specify the location where getdns will store it's library specific
# data. Currently this directory is used only for Zero configuration
# DNSSEC and will be used to track and store the root-anchors.xml,
# root-anchors.p7s and root.key files.
#
# appdata_dir: "/etc/getdns"
-- Willem
>
> Andreas
>
> _______________________________________________
> Users mailing list
> Users at getdnsapi.net
> https://getdnsapi.net/mailman/listinfo/users
>
More information about the Users
mailing list